3 Replies Latest reply on Jun 16, 2016 11:20 AM by WolfShade

    DH handshake issue with web service using ColdFusion 7 and 8 after java 8 update


      ColdFusion 7 and 8 are bundled with a variant of JRE1.6.


      I have a script which has successfully consumed a web service for years.  Last week, the provider of the web service updated their version of Apache and Java on the server to java 1.8 (or java 8).


      I could no longer consume the web service after the web service provider upgrade of Apache and Java and would receive the following DH keypair error each time I try to consume the service:




      faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.userException


      faultString: javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair




      {http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair

      at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1591)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1554)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1537)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1130)

      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1107)

      at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:186)

      at org.apache.axis.transport.http.HTTPSender.getSocket(HTT... ''



      I asked the web service provider why this would stop working and how we can fix it.  They suggested I upgrade to the latest version of Java on my server running ColdFusion.  I did some research and found the problem to be with the amount of memory allocated to the variable containing the encryption key.


      The big problem is when I tried to upgrade java on this particular server (Windows Server 2003), the install returned a messaged stating it couldn't run on the older OS and I would need to upgrade my OS in order to install java.


      Does anyone have a workaround in ColdFusion 7 or 8 by which you can establish the DH handshake using Java 1.6 on your local server while consuming a web service on a server using Java 1.8?