IBM Support

SSLKeyException: RSA premaster secret error Caused by InvalidKeyException

Technote (troubleshooting)


Problem(Abstract)

My java application using the Data Server Driver for JDBC (JCC) is failing to establish SSL connection with following error:

SSLKeyException: RSA premaster secret error. Caused by: java.security.InvalidKeyException: Illegal key size or default parameters.

Symptom

javax.net.ssl.SSLKeyException: RSA premaster secret error. Caused by: java.security.InvalidKeyException: Illegal key size or default parameters


Cause

The default restricted policy file has a 2048 key size limit. If the RSA key size exceeds this limit then this error is expected.

Resolving the problem

This issue can be resolved by upgrading to the unrestricted policy files, replacing the security policy files with the IBM unlimited cryptography files. Replace the local_policy.jar with the Unrestricted JCE policy File.

Document information

More support for: DB2 for Linux, UNIX and Windows
Programming Interface - JDBC

Software version: 9.5, 9.7, 10.1, 10.5

Operating system(s): AIX, HP-UX, Linux, Solaris, Windows

Reference #: 1663373

Modified date: 11 October 2014


Translate this page: