[jira] [Commented] (BUILDS-85) Could not generate DH keypair / peer not authenticated

Dennis Lundberg (JIRA) Thu, 09 Jul 2015 03:23:52 -0700

    [ 
https://issues.apache.org/jira/browse/BUILDS-85?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14620271#comment-14620271
 ]


Dennis Lundberg commented on BUILDS-85:
---------------------------------------

Java 6 does not support any ECDHE ciphers. It does support a couple of DHE 
ciphers, but these are deemed insecure due to [Logjam|https://weakdh.org/].

The investigations I've done indicates that the most secure cipher you can use 
on Java 6 is TLS_RSA_WITH_AES_128_CBC_SHA. If INFRA considers this to be secure 
enough it would be great if that cipher could be enabled in the SSL proxy.

However it also depends on the parameter size used for Diffie-Hellman. Java 6 
only supports up to 1024 bits.

> Could not generate DH keypair / peer not authenticated 
> -------------------------------------------------------
>
>                 Key: BUILDS-85
>                 URL: https://issues.apache.org/jira/browse/BUILDS-85
>             Project: Infra Build Platform
>          Issue Type: Bug
>          Components: Jenkins
>            Reporter: Andreas Lehmkühler
>            Assignee: Geoffrey Corey
>
> We're getting this since june 10th:
> [INFO] --- maven-deploy-plugin:2.6:deploy (default-deploy) @ pdfbox-parent ---
> Downloading:https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/pdfbox-parent/1.8.10-SNAPSHOT/maven-metadata.xml
> [WARNING] Could not transfer metadata 
> org.apache.pdfbox:pdfbox-parent:1.8.10-SNAPSHOT/maven-metadata.xml from/to 
> apache.snapshots.https 
> (https://repository.apache.org/content/repositories/snapshots): Error 
> transferring file: java.lang.RuntimeException: Could not generate DH keypair
> and this:
> [INFO] --- maven-deploy-plugin:2.8.2:deploy (default-deploy) @ pdfbox-parent 
> ---
> Downloading:https://repository.apache.org/content/repositories/snapshots/org/apache/pdfbox/pdfbox-parent/2.0.0-SNAPSHOT/maven-metadata.xml
> [WARNING] Could not transfer metadata 
> org.apache.pdfbox:pdfbox-parent:2.0.0-SNAPSHOT/maven-metadata.xml from/to 
> apache.snapshots.https 
> (https://repository.apache.org/content/repositories/snapshots): peer not 
> authenticated
> The issue seems to be jdk related as only those builds using java 1.6.0_37 
> (unlimited security) are failing. I've reconfigured the trunk build to use 
> java 7 and everything works fine, as well as our jdk7 based branch build.
> Any ideas? Maybe a plugin update which doesn't work with java6?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (BUILDS-85) Could not generate DH keypair / peer not authenticated

Reply via email to