000025703 - JSafeJCE registered in 2nd position under JSSE - decryption error in handshake

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000025703
Applies ToBSAFE/Crypto-J 3.6
Microsoft Windows 2003 Server
IssueJSafeJCE registered in 2nd position under JSSE - decryption error in handshake

A Java server application using jsafeJCEFIPS.jar under JSSE threw the following exception when the client tried to connect:

javax.net.ssl.SSLHandshakeException: Received fatal alert: decrypt_error
        at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
        at SServer.main(SServer.java:40)

CauseJsafeJCE was registered in 2nd position, meaning some algorithms could be supplied by another provider.
ResolutionJsafeJCE must be registered in 1st position to work properly under JSSE.
NotesSee also solution a33404: How to use JsafeJCE provider under JSSE
Legacy Article IDa39368