Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

5. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anju K

Posted Wed January 18, 2023 12:11 AM

Update ssl compliance value as fips in PD.properties and make sure PD.jar version is installed isva version

Sent from my iPhone

Original Message

6. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Wed January 18, 2023 01:54 AM

Hi
I am using ISVA 10.0.5 version with IBM Security Verify Directory Server Instance 10.0 which is having IBM JDK 1.8 installed.
I have download pdjrte and ran pdjrtecfg.bat which created PolicyDirectory folder and copied the PD.jar to jre/lib/ext folder.
I have also tried to change to change ssl-compliance to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage
------------------------------

Original Message

7. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Wed January 18, 2023 02:03 AM

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage
------------------------------

Original Message

8. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Nick Lloyd

Posted Wed January 18, 2023 10:46 AM

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support
------------------------------

Original Message

9. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Thu January 19, 2023 01:45 AM

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage
------------------------------

Original Message

10. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Mon January 23, 2023 09:04 AM

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage
------------------------------

Original Message

11. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Wed January 25, 2023 12:01 AM

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage
------------------------------

Original Message

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

12. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Tushar Prasad

Posted Wed January 25, 2023 01:51 AM

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar
------------------------------

Original Message

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

13. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Wed January 25, 2023 02:13 AM

Hi @Tushar Prasad,

I can't because we need to certify the latest tivoli verify access version which is 10.0.5 currently.
PD.jar of 10.0.2 PD.jar also required other IBM dependencies jar to work, that's why i was trying to use PD.jar of 10.0.5 version.
Also i have observed that PD.jar of 10.0.2 is not working with oracle JDK 11 and open JDK 11.

------------------------------
Anannd Dhage
------------------------------

Original Message

Original Message:
Sent: Wed January 25, 2023 01:51 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

14. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Tushar Prasad

Posted Wed January 25, 2023 04:44 AM

HI

Best if you can track it through a support case

thanks

------------------------------
Tushar
Tushar
------------------------------

Original Message

Original Message:
Sent: Wed January 25, 2023 02:13 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Tushar Prasad,

I can't because we need to certify the latest tivoli verify access version which is 10.0.5 currently.
PD.jar of 10.0.2 PD.jar also required other IBM dependencies jar to work, that's why i was trying to use PD.jar of 10.0.5 version.
Also i have observed that PD.jar of 10.0.2 is not working with oracle JDK 11 and open JDK 11.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 25, 2023 01:51 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

15. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Nick Lloyd

Posted Thu January 26, 2023 08:06 AM
Edited by Nick Lloyd Thu January 26, 2023 08:06 AM

PD.jar 10.0.2.0 does not support JDK 11. It only ever supported IBM JRE 8. Please open a support case. We are working on a fix for 10.0.5.0 which will need to be delivered via the support case.

------------------------------
Nick
IBM Security Verify Customer Support
------------------------------

Original Message

Original Message:
Sent: Wed January 25, 2023 02:13 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Tushar Prasad,

I can't because we need to certify the latest tivoli verify access version which is 10.0.5 currently.
PD.jar of 10.0.2 PD.jar also required other IBM dependencies jar to work, that's why i was trying to use PD.jar of 10.0.5 version.
Also i have observed that PD.jar of 10.0.2 is not working with oracle JDK 11 and open JDK 11.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 25, 2023 01:51 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

16. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Fri January 27, 2023 01:49 AM

Hi @Nick Lloyd,

Thank you for your reply.
We would like to understand why this fix needs to delivered vai support case and not as an patch for all the customer.
Is there any plan for announcing deprecating or making end of life for this PD.jar

------------------------------
Anannd Dhage
------------------------------

Original Message

Original Message:
Sent: Thu January 26, 2023 08:05 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

PD.jar 10.0.2.0 does not support JDK 11. It only ever supported IBM JRE 8. Please open a support case. We are working on a fix for 10.0.5.0 which will need to be delivered via the support case.

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 25, 2023 02:13 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Tushar Prasad,

I can't because we need to certify the latest tivoli verify access version which is 10.0.5 currently.
PD.jar of 10.0.2 PD.jar also required other IBM dependencies jar to work, that's why i was trying to use PD.jar of 10.0.5 version.
Also i have observed that PD.jar of 10.0.2 is not working with oracle JDK 11 and open JDK 11.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 25, 2023 01:51 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

17. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Nick Lloyd

Posted Mon January 30, 2023 08:49 AM

There are no plans to announce EOL for PD.jar or com.tivoli.pd.rgy.jar.
I do not know how L3 plans to deliver the fix. It may be available via Fix Central when ready.

------------------------------
Nick
IBM Security Verify Customer Support
------------------------------

Original Message

Original Message:
Sent: Fri January 27, 2023 01:48 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for your reply.
We would like to understand why this fix needs to delivered vai support case and not as an patch for all the customer.
Is there any plan for announcing deprecating or making end of life for this PD.jar

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 26, 2023 08:05 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

PD.jar 10.0.2.0 does not support JDK 11. It only ever supported IBM JRE 8. Please open a support case. We are working on a fix for 10.0.5.0 which will need to be delivered via the support case.

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 25, 2023 02:13 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Tushar Prasad,

I can't because we need to certify the latest tivoli verify access version which is 10.0.5 currently.
PD.jar of 10.0.2 PD.jar also required other IBM dependencies jar to work, that's why i was trying to use PD.jar of 10.0.5 version.
Also i have observed that PD.jar of 10.0.2 is not working with oracle JDK 11 and open JDK 11.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 25, 2023 01:51 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

18. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Tue January 31, 2023 02:42 AM
Edited by Anannd Dhage Tue January 31, 2023 03:12 AM

Hi @Nick Lloyd,

Thank you for your reply.
Could you please let me know the exact timeline of delivering this fix. When we can we expect this to be available.
We have installed IBM Security Verify Access (VA) using ISO image, could you please let me know whether this fix will be applicable for ISO image or NOT

------------------------------
Anannd Dhage
------------------------------

Original Message

Original Message:
Sent: Mon January 30, 2023 08:49 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

There are no plans to announce EOL for PD.jar or com.tivoli.pd.rgy.jar.
I do not know how L3 plans to deliver the fix. It may be available via Fix Central when ready.

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Fri January 27, 2023 01:48 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for your reply.
We would like to understand why this fix needs to delivered vai support case and not as an patch for all the customer.
Is there any plan for announcing deprecating or making end of life for this PD.jar

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 26, 2023 08:05 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

PD.jar 10.0.2.0 does not support JDK 11. It only ever supported IBM JRE 8. Please open a support case. We are working on a fix for 10.0.5.0 which will need to be delivered via the support case.

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 25, 2023 02:13 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Tushar Prasad,

I can't because we need to certify the latest tivoli verify access version which is 10.0.5 currently.
PD.jar of 10.0.2 PD.jar also required other IBM dependencies jar to work, that's why i was trying to use PD.jar of 10.0.5 version.
Also i have observed that PD.jar of 10.0.2 is not working with oracle JDK 11 and open JDK 11.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 25, 2023 01:51 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

19. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Anannd Dhage

Posted Fri February 10, 2023 12:44 AM

Hi @Nick Lloyd

Did you get a chance to look into it.

------------------------------
Anannd Dhage
------------------------------

Original Message

Original Message:
Sent: Tue January 31, 2023 02:42 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for your reply.
Could you please let me know the exact timeline of delivering this fix. When we can we expect this to be available.
We have installed IBM Security Verify Access (VA) using ISO image, could you please let me know whether this fix will be applicable for ISO image or NOT

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 30, 2023 08:49 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

There are no plans to announce EOL for PD.jar or com.tivoli.pd.rgy.jar.
I do not know how L3 plans to deliver the fix. It may be available via Fix Central when ready.

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Fri January 27, 2023 01:48 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for your reply.
We would like to understand why this fix needs to delivered vai support case and not as an patch for all the customer.
Is there any plan for announcing deprecating or making end of life for this PD.jar

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 26, 2023 08:05 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

PD.jar 10.0.2.0 does not support JDK 11. It only ever supported IBM JRE 8. Please open a support case. We are working on a fix for 10.0.5.0 which will need to be delivered via the support case.

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 25, 2023 02:13 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Tushar Prasad,

I can't because we need to certify the latest tivoli verify access version which is 10.0.5 currently.
PD.jar of 10.0.2 PD.jar also required other IBM dependencies jar to work, that's why i was trying to use PD.jar of 10.0.5 version.
Also i have observed that PD.jar of 10.0.2 is not working with oracle JDK 11 and open JDK 11.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 25, 2023 01:51 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

20. RE: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Like

Piyush Agrawal

Posted Wed March 15, 2023 04:49 AM

Hello,

Do we have any update on this?

------------------------------
Piyush Agrawal
https://www.linkedin.com/in/piyush-norway/
Gjensidige Norway
------------------------------

Original Message

Original Message:
Sent: Fri February 10, 2023 12:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd

Did you get a chance to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 31, 2023 02:42 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for your reply.
Could you please let me know the exact timeline of delivering this fix. When we can we expect this to be available.
We have installed IBM Security Verify Access (VA) using ISO image, could you please let me know whether this fix will be applicable for ISO image or NOT

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 30, 2023 08:49 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

There are no plans to announce EOL for PD.jar or com.tivoli.pd.rgy.jar.
I do not know how L3 plans to deliver the fix. It may be available via Fix Central when ready.

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Fri January 27, 2023 01:48 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for your reply.
We would like to understand why this fix needs to delivered vai support case and not as an patch for all the customer.
Is there any plan for announcing deprecating or making end of life for this PD.jar

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 26, 2023 08:05 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

PD.jar 10.0.2.0 does not support JDK 11. It only ever supported IBM JRE 8. Please open a support case. We are working on a fix for 10.0.5.0 which will need to be delivered via the support case.

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 25, 2023 02:13 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Tushar Prasad,

I can't because we need to certify the latest tivoli verify access version which is 10.0.5 currently.
PD.jar of 10.0.2 PD.jar also required other IBM dependencies jar to work, that's why i was trying to use PD.jar of 10.0.5 version.
Also i have observed that PD.jar of 10.0.2 is not working with oracle JDK 11 and open JDK 11.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 25, 2023 01:51 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi

cant you continue to use PD.jar of 10.0.2.0?

------------------------------
Tushar
Tushar

Original Message:
Sent: Wed January 25, 2023 12:01 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Have you had a moment to look into it.

------------------------------
Anannd Dhage

Original Message:
Sent: Mon January 23, 2023 09:03 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi @Nick Lloyd,

Thank you for you suggestion.
I have tried to create config and key file using PD.jar of 10.0.2 version and it get created.
But whenever i am trying to connect to server programmatically using PD.jar file of 10.0.5 version i am getting below error on open jdk 11.

java.lang.IllegalArgumentException: Illegal base64 character d
at java.base/java.util.Base64$Decoder.decode0(Base64.java:743)
at java.base/java.util.Base64$Decoder.decode(Base64.java:535)
at java.base/java.util.Base64$Decoder.decode(Base64.java:558)
at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:589)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)
at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:347)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:337)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:365)
at com.tivoli.pd.jutil.PDContext.<init>(PDContext.java:229)

Could you please check it and let me know how to proceed on this error. ++@Tushar Prasad
Any help appreciated.

------------------------------
Anannd Dhage

Original Message:
Sent: Thu January 19, 2023 01:44 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Thank you @Nick Lloyd for your reply.
I will try it on 10.0.2.

------------------------------
Anannd Dhage

Original Message:
Sent: Wed January 18, 2023 10:46 AM
From: Nick Lloyd
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Anannd,

There are some issues with PDJRTE 10.0.5.0 which are being addressed. Please continue to use 10.0.2.0

------------------------------
Nick
IBM Security Verify Customer Support

Original Message:
Sent: Wed January 18, 2023 02:02 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

I am using ISVA 10.0.5 version with IBM Security Verify Directory instance 10.0.
I had downloaded the pdjrte zip and ran the pdjrtecfg.bat -action config –interactive which have created PolicyDirectory and copied PD.jar file in /ext folder. Current version of java of ldap directory server instance is IBM JDK 1.8.
I had tried to change the ssl compliance value to sp800-131-transition and fips but no luck with it.

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 11:55 PM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

What is your ISVA version? hope you are using a compatible PD.jar ( incase its 1031/1030 , make sure you use PD.jar at 10.0.2.0)

also you have run SvrSslCfg with the option -Djavax.net.debug=ssl,handshake

I suggest go ahead with support case. Usually, its either incorrect verison of PD.jar(java version needs to be checked and ISVA version) , along with if required a tweak in ssl-compliance value

thanks
tushar

------------------------------
Tushar
Tushar

Original Message:
Sent: Tue January 17, 2023 08:23 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi Tushar,

Thank for your reply.
I had tried to change this parameter but the error is still remaining.
Attaching herewith my pd.properties file.
Could you please check and let me know is their anything which needs to be changed.
While configuring runtime component on TAM VA should i select the same and try again?

------------------------------
Anannd Dhage

Original Message:
Sent: Tue January 17, 2023 01:37 AM
From: Tushar Prasad
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

HI

Try updating PD.properties file .
open PD.propertiles file and replace ssl-compliance with below and rerun SvrSslCfg

ssl-compliance=sp800-131-transition

------------------------------
Tushar
Tushar

Original Message:
Sent: Mon January 16, 2023 07:53 AM
From: Anannd Dhage
Subject: Getting error - java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available

Hi All,

We are trying to configure the SDS 10 and while executing svrsslcfg command we are getting below error

C:\>java com.tivoli.pd.jcfg.SvrSslCfg -action config .......
`Exception in thread "main"`
`[java.lang.IllegalStateException: java.security.NoSuchAlgorithmException: SunX509 KeyManagerFactory not available`
`at sun.security.jca.GetInstance.getInstance(GetInstance.java:171)`
`at javax.net.ssl.KeyManagerFactory.getInstance(KeyManagerFactory.java:17)`
`at com.tivoli.pd.jutil.PDSslServices$1.run(PDSslServices.java:538)`
`at java.security.AccessController.doPrivileged(AccessController.java:691)`
`at com.tivoli.pd.jutil.PDSslServices.loadPDSslServices(PDSslServices.java:448)`
`at com.tivoli.pd.jutil.PDSslServices.<init>(PDSslServices.java:291)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.getMgrCert(PDAppSvrConfig.java:265)`
`at com.tivoli.pd.jadmin.PDAppSvrConfig.configureAppSvr(PDAppSvrConfig.java:864)`
`at com.tivoli.pd.jcfg.SvrSslCfg.config(SvrSslCfg.java:764)`
`at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)`
`at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)`
`at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)`
`at java.lang.reflect.Method.invoke(Method.java:508)`
`at com.tivoli.pd.jcfg.SvrSslCfg.invoke(SvrSslCfg.java:686)`
`at com.tivoli.pd.jcfg.SvrSslCfg.main(SvrSslCfg.java:451)`

Does any one had faced this issue and how to resolve it.
Any help appreciated.

------------------------------
AD
------------------------------

IBM Security Verify