LARA

Notice 02/2017

LARA NOTICE

 


Number 02/2017

Issued on 31-07-2017

Valid until: UFN

Issued by LARA Team

 

There might be a problem in java language resulting in LARA reporting: “"Could not recover key from keystore." when attempting to connect to NM B2B services.

The log will contain further detail of the error:

Caused by: java.security.InvalidKeyException: Invalid RSA private key at sun.security.rsa.RSAPrivateCrtKeyImpl.parseKeyBits(Unknown Source) at sun.security.pkcs.PKCS8Key.decode(Unknown Source) at sun.security.pkcs.PKCS8Key.decode(Unknown Source) at sun.security.rsa.RSAPrivateCrtKeyImpl.(Unknown Source) at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(Unknown Source) at sun.security.rsa.RSAKeyFactory.generatePrivate(Unknown Source) ... 31 more Caused by: java.io.IOException: DerInputStream.getLength(): Redundant length bytes found

There is a potential issue between the Java JRE versions 1.8.0-121 onwards and the NM B2B Certificates (issued by Globalsign).

This impacts all B2B versions on OPS and PRE-OPS.

If you are using any of these Java versions from 121 onwards (e.g. 1.8.0-121, 1.8.0-141etc.), LARA may not be able to operate correctly, as B2B transactions could be blocked.

If this error occurs then a request for new openSSL version of the NM certificate from the NM CSO (mailto:NM.cso.help-desk@eurocontrol.int) is required. The new certificate will have had the redundant bytes removed from it.

Please reference the java bug reports when emailing: (https://bugs.openjdk.java.net/browse/JDK-8175251, http://bugs.java.com/bugdatabase/view_bug.do?bug_id=8178396)

 

In case of any questions please contact the LARA Team

lara@eurocontrol.int

 


A LARA NOTICE is issued and distributed among LARA Users to inform the LARA Community about observations, important changes and related limitations in regard to the operational use of the LARA Software. Please ensure that relevant personnel is informed about this LARA NOTICE.