3 Replies Latest reply on Jun 16, 2016 11:20 AM by WolfShade

    DH handshake issue with web service using ColdFusion 7 and 8 after java 8 update

    frank000000

      ColdFusion 7 and 8 are bundled with a variant of JRE1.6.

       

      I have a script which has successfully consumed a web service for years.  Last week, the provider of the web service updated their version of Apache and Java on the server to java 1.8 (or java 8).

       

      I could no longer consume the web service after the web service provider upgrade of Apache and Java and would receive the following DH keypair error each time I try to consume the service:

       

      -----------------

      AxisFault

      faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException

      faultSubcode:

      faultString: javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair

      faultActor:

      faultNode:

      faultDetail:

      {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair

      at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1554)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1537)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1130)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)

      at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)

      at org.apache.axis.transport.http.HTTPSender.getSocket(HTT... ''

      -----------------

       

      I asked the web service provider why this would stop working and how we can fix it.  They suggested I upgrade to the latest version of Java on my server running ColdFusion.  I did some research and found the problem to be with the amount of memory allocated to the variable containing the encryption key.

       

      The big problem is when I tried to upgrade java on this particular server (Windows Server 2003), the install returned a messaged stating it couldn't run on the older OS and I would need to upgrade my OS in order to install java.

       

      Does anyone have a workaround in ColdFusion 7 or 8 by which you can establish the DH handshake using Java 1.6 on your local server while consuming a web service on a server using Java 1.8?