java.lang.RuntimeException: Export restriction: SSLSocketFactory supports non-pluggable ciphersuite(s)

3 years ago

Originally Published: 2011-03-25

Article Number

000044127

Applies To

RSA Key Manager Java Client
HP Tandem (Nonstop)
IBM JDK

Issue

Error: java.lang.RuntimeException: Export restriction: SSLSocketFactory supports non-pluggable ciphersuite(s)
at com.sun.net.ssl.internal.ssl.ExportControl.checkCipherSuites(ExportControl.java:176)
at javax.net.ssl.SSLContext.getSocketFactory(SSLContext.java:164)
at com.rsa.kmc.w.ab.a(Unknown Source)
at com.rsa.kmc.w.aV.a(Unknown Source)
at com.rsa.kmc.w.aB.a(Unknown Source)
at com.rsa.kmc.w.ay.<init>(Unknown Source)
at com.rsa.kmc.w.aS <http://com.rsa.kmc.w.aS>.<init>(Unknown Source)
at com.rsa.kmc.w.aS.a(Unknown Source)
at com.rsa.kmc.w.aS.a(Unknown Source)
at com.rsa.kmc.KMConfig.<init>(Unknown Source)
...

Resolution

In one case, re-installing a fresh Sun JRE 1.6 in a non-default location and pointing to it resolved the issue.

Upgrade to JDK 1.6:
- http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html

"Appendix B: Provider Pluggability
JSSE in Java SE 6 is fully pluggable and does not restrict the use of third party JSSE providers in any way."

Work around the problem by pointing to the IBM JSSE2 HTTPS handler:
- http://www-01.ibm.com/support/docview.wss?uid=nas2c5096397bdc71833862572af003c732c

"Add the following property to your J2SE 5.0 startup to force the
IBM JSSE2 HTTPS handler to be used.

-Djava.protocol.handler.pkgs=com.ibm.net.ssl.www2.protocol"

Don't see what you're looking for?

Related Articles

Trending Articles