LARA NOTICE
|
Number 02/2017
Issued on 31-07-2017
Valid until: UFN
Issued by LARA Team
There might be a problem in java language resulting in LARA reporting: “"Could not recover key from keystore." when attempting to connect to NM B2B services.
The log will contain further detail of the error:
Caused by: java.security.InvalidKeyException: Invalid RSA private key at sun.security.rsa.RSAPrivateCrtKeyImpl.parseKeyBits(Unknown Source) at sun.security.pkcs.PKCS8Key.decode(Unknown Source) at sun.security.pkcs.PKCS8Key.decode(Unknown Source) at sun.security.rsa.RSAPrivateCrtKeyImpl.(Unknown Source) at sun.security.rsa.RSAPrivateCrtKeyImpl.newKey(Unknown Source) at sun.security.rsa.RSAKeyFactory.generatePrivate(Unknown Source) ... 31 more Caused by: java.io.IOException: DerInputStream.getLength(): Redundant length bytes found
There is a potential issue between the Java JRE versions 1.8.0-121 onwards and the NM B2B Certificates (issued by Globalsign).
This impacts all B2B versions on OPS and PRE-OPS.
If you are using any of these Java versions from 121 onwards (e.g. 1.8.0-121, 1.8.0-141etc.), LARA may not be able to operate correctly, as B2B transactions could be blocked.
If this error occurs then a request for new openSSL version of the NM certificate from the NM CSO (mailto:NM.cso.help-desk@eurocontrol.int) is required. The new certificate will have had the redundant bytes removed from it.
Please reference the java bug reports when emailing: (https://bugs.openjdk.java.net/browse/JDK-8175251, http://bugs.java.com/bugdatabase/view_bug.do?bug_id=8178396)
In case of any questions please contact the LARA Team