Hi! A few days ago I was trying the 3.0.0_pre10 version of icedtea-bin, and trying with Minecraft and can connect without problems, flawlessly. Everything normal. However, since I upgraded to the 3.0.0 final, it cannot connect to Internet, throws a KeyException and an SSL error. Check the log below. Thank you! [23:43:35 INFO]: Minecraft Launcher 1.6.61 (through bootstrap 5) started on linux... [23:43:35 INFO]: Current time is Apr 11, 2016 11:43:35 PM [23:43:35 INFO]: System.getProperty('os.name') == 'Linux' [23:43:35 INFO]: System.getProperty('os.version') == '4.1.15-gentoo-r1' [23:43:35 INFO]: System.getProperty('os.arch') == 'amd64' [23:43:35 INFO]: System.getProperty('java.version') == '1.8.0_77' [23:43:35 INFO]: System.getProperty('java.vendor') == 'Oracle Corporation' [23:43:35 INFO]: System.getProperty('sun.arch.data.model') == '64' [23:43:35 INFO]: proxy == DIRECT [23:43:35 INFO]: Refreshing local version list... [23:43:36 INFO]: Refreshing remote version list... [23:43:36 ERROR]: Unexpected exception refreshing version list javax.net.ssl.SSLException: java.security.ProviderException: java.security.KeyException at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1906) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1889) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1410) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[?:1.8.0_77] at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:1.8.0_77] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.8.0_77] at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1513) ~[?:1.8.0_77] at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1441) ~[?:1.8.0_77] at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) ~[?:1.8.0_77] at com.mojang.launcher.Http.performGet(Http.java:54) ~[launcher.jar:1.6.61] at net.minecraft.launcher.updater.RemoteVersionList.getContent(RemoteVersionList.java:60) ~[launcher.jar:1.6.61] at net.minecraft.launcher.updater.RemoteVersionList.refreshVersions(RemoteVersionList.java:42) ~[launcher.jar:1.6.61] at net.minecraft.launcher.updater.MinecraftVersionManager.refreshVersions(MinecraftVersionManager.java:62) ~[launcher.jar:1.6.61] at net.minecraft.launcher.Launcher$2.run(Launcher.java:133) [launcher.jar:1.6.61] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:1.8.0_77] at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:1.8.0_77] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_77] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_77] at java.lang.Thread.run(Thread.java:745) [?:1.8.0_77] Caused by: java.security.ProviderException: java.security.KeyException at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:147) ~[sunec.jar:1.8.0_77] at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) ~[?:1.8.0_77] at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:77) ~[?:1.8.0_77] at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:721) ~[?:1.8.0_77] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:281) ~[?:1.8.0_77] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) ~[?:1.8.0_77] at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[?:1.8.0_77] ... 16 more Caused by: java.security.KeyException at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method) ~[sunec.jar:1.8.0_77] at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:128) ~[sunec.jar:1.8.0_77] at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) ~[?:1.8.0_77] at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:77) ~[?:1.8.0_77] at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:721) ~[?:1.8.0_77] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:281) ~[?:1.8.0_77] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) ~[?:1.8.0_77] at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[?:1.8.0_77] ... 16 more [23:43:36 INFO]: Loaded 4 profile(s); selected 'OptiFine' [23:43:36 INFO]: Refreshing auth... [23:43:36 INFO]: Logging in with access token [23:43:36 ERROR]: Exception whilst logging into profile com.mojang.authlib.exceptions.AuthenticationUnavailableException: Cannot contact authentication server at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:71) ~[launcher.jar:1.6.61] at com.mojang.authlib.yggdrasil.YggdrasilUserAuthentication.logInWithToken(YggdrasilUserAuthentication.java:132) ~[launcher.jar:1.6.61] at com.mojang.authlib.yggdrasil.YggdrasilUserAuthentication.logIn(YggdrasilUserAuthentication.java:55) ~[launcher.jar:1.6.61] at net.minecraft.launcher.Launcher.ensureLoggedIn(Launcher.java:215) [launcher.jar:1.6.61] at net.minecraft.launcher.Launcher$2.run(Launcher.java:169) [launcher.jar:1.6.61] at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:1.8.0_77] at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:1.8.0_77] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_77] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_77] at java.lang.Thread.run(Thread.java:745) [?:1.8.0_77] Caused by: javax.net.ssl.SSLException: java.security.ProviderException: java.security.KeyException at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1906) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1889) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1410) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[?:1.8.0_77] at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:1.8.0_77] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.8.0_77] at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1283) ~[?:1.8.0_77] at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1258) ~[?:1.8.0_77] at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.8.0_77] at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:1.6.61] at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:54) ~[launcher.jar:1.6.61] ... 9 more Caused by: java.security.ProviderException: java.security.KeyException at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:147) ~[sunec.jar:1.8.0_77] at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) ~[?:1.8.0_77] at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:77) ~[?:1.8.0_77] at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:721) ~[?:1.8.0_77] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:281) ~[?:1.8.0_77] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) ~[?:1.8.0_77] at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[?:1.8.0_77] at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:1.8.0_77] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.8.0_77] at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1283) ~[?:1.8.0_77] at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1258) ~[?:1.8.0_77] at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.8.0_77] at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:1.6.61] at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:54) ~[launcher.jar:1.6.61] ... 9 more Caused by: java.security.KeyException at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method) ~[sunec.jar:1.8.0_77] at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:128) ~[sunec.jar:1.8.0_77] at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) ~[?:1.8.0_77] at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:77) ~[?:1.8.0_77] at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:721) ~[?:1.8.0_77] at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:281) ~[?:1.8.0_77] at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) ~[?:1.8.0_77] at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) ~[?:1.8.0_77] at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) ~[?:1.8.0_77] at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) ~[?:1.8.0_77] at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) ~[?:1.8.0_77] at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1283) ~[?:1.8.0_77] at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1258) ~[?:1.8.0_77] at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) ~[?:1.8.0_77] at com.mojang.authlib.HttpAuthenticationService.performPostRequest(HttpAuthenticationService.java:73) ~[launcher.jar:1.6.61] at com.mojang.authlib.yggdrasil.YggdrasilAuthenticationService.makeRequest(YggdrasilAuthenticationService.java:54) ~[launcher.jar:1.6.61] ... 9 more Reproducible: Always
Similar error apears when verifying java on java.com website with NPAPI plugin with Firefox.
Yeah, sorry about this. I think I'm seeing it too: $ java TestECDSA Exception in thread "main" java.security.ProviderException: java.security.KeyException at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:147) at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) at TestECDSA.main(TestECDSA.java:30) Caused by: java.security.KeyException at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method) at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:128) ... 2 more I included a ECDSA fix, which worked on the version of NSS I tested with, but seems to fail on newer versions. While I'm debugging this, a simple workaround is to remove the SunEC provider from /usr/lib/jvm/icedtea-8/jre/lib/security/java.security: security.provider.3=sun.security.ec.SunEC When building, this can be done by disabling the sunec USE flag. I'll turn that off by default for now.
(In reply to Andrew John Hughes from comment #2) > When building, this can be done by disabling the sunec USE flag. I'll turn > that off by default for now. I've done the same with dev-java/icedtea in the main tree now. I'll adjust icedtea-bin tonight.
Okay, that's icedtea-bin sorted. I'll keep this open until the proper fix is in place.
IcedTea bug: http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2934
I installed the recent version with the nosunec patch and it's working fine. Thanks!
Will be fixed in 3.0.1 by this: http://icedtea.classpath.org/hg/release/icedtea8-forest-3.0/jdk/rev/dab76de2f91c
3.0.1 is in the tree now.