Friday, May 15, 2015

Maven build error - Could not generate DH keypair

I had two modules that had been building for the past five months. Then a new developer came on board and got the following error. The key thing here was “java.lang.RuntimeException: Could not generate DH keypair. Prime size must be multiple of 64, and can only range from 512 to 1024”.
D:\workspaces\cherryshoe-team\cherryshoe\alfresco>mvn clean install
[INFO] Scanning for projects…
Downloading: https://artifacts.alfresco.com/nexus/content/groups/private/org/alfresco/maven/alfresco-sdk-parent/1.1.1/alfresco-sdk-parent-1.1.1.pom
Downloading: https://artifacts.alfresco.com/nexus/content/groups/public/org/alfresco/maven/alfresco-sdk-parent/1.1.1/alfresco-sdk-parent-1.1.1.pom
Downloading: https://artifacts.alfresco.com/nexus/content/groups/public-snapshots/org/alfresco/maven/alfresco-sdk-parent/1.1.1/alfresco-sdk-parent-1.1.1.pom
[ERROR] The build could not read 2 projects -> [Help 1]
[ERROR]
[ERROR] The project com.cherryshoe.sampleproject:cherryshoe-alfresco-amp:1.0-SNAPSHOT (D:\workspaces\cherryshoe-team\cherryshoe\alfresco\cherryshoe-alfresco-amp\pom.xml) has 1 error
[ERROR] Non-resolvable parent POM: Could not transfer artifact org.alfresco.maven:alfresco-sdk-parent:pom:1.1.1 from/to alfresco-artifacts-repository (https://artifacts.alfresco.com/nexus/content/groups/private): java.lang.RuntimeException: Could not generate DH keypair and ‘parent.relativePath’ points at wrong local POM @ line 14, column 13: Prime size must be multiple of 64, and can only range from 512 to 1024 (inclusive) -> [Help 2]
[ERROR]
[ERROR] The project com.cherryshoe.sampleproject:cherryshoe-share-amp:1.0-SNAPSHOT (D:\workspaces\cherryshoe-team\cherryshoe\alfresco\cherryshoe-share-amp\pom.xml) has 1 error
[ERROR] Non-resolvable parent POM: Failure to transfer org.alfresco.maven:alfresco-sdk-parent:pom:1.1.1 from https://artifacts.alfresco.com/nexus/content/groups/private was cached in the local repository, resolution will not be reattempted until the update interval of alfresco-artifacts-repository has elapsed or up dates are forced. Original error: Could not transfer artifact org.alfresco.maven:alfresco-sdk-parent:pom:1.1.1 from/to alfresco-artifacts-repository (https://artifacts.alfresco.com/nexus/content/groups/private): java.lang.RuntimeException:Could not generate DH keypair and ‘parent.relativePath’ points at wrong local POM @ line 12, column 13 -> [Help 2]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
[ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
D:\workspaces\cherryshoe-team\cherryshoe\alfresco>
I backed up my local maven repository folder, starting fresh, to see if I could reproduce the problem. Yes I got the same error too! What had happened; this had worked before, what had changed? I wasn’t at the time entirely sure if it was just my environment, or something on the server where I was attempting to communicate with. Either way, these are the steps that helped me figure out what the problem (and solution was).
The following example is with an alfresco-maven-sdk maven module, but the same problem and solution can be used for any maven build error when communicating with an https endpoint.
Environment:
Windows 7 64-bit
Java 1.6.0_33
Steps:
1. Found an article that pointed me in the right direction.
2. Since this error is specific to https; I created a new alfresco-maven-sdk module specifying the archetypeCatalog point to an https endpiong. Got the same “Could not generate DH keypair” error.
i.e. mvn archetype:generate -DarchetypeCatalog=https://artifacts.alfresco.com/nexus/content/groups/public/archetype-catalog.xml -Dfilter=org.alfresco.maven.archetype:
2. When removing the explicit parameter specifying the archetypeCatalog pointing at an https endpoint, the error did NOT error.
mvn archetype:generate -Dfilter=org.alfresco:
Solution:
The problem is “Prime size must be multiple of 64, and can only range from 512 to 1024”. The maximum-acceptable size that Java accepts is 1024 bits, this is a known issue <http://bugs.java.com/bugdatabase/view_bug.do?bug_id=6521495>. I tried using the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files, that did not work. The bug report mentioned using BouncyCastle’s JCE implementation to get around this problem.
1. Download the BouncyCastle JCE jars. These particular links are for version 1.52 and work for Oracle Java 5 – Java 8.
https://www.bouncycastle.org/download/bcprov-jdk15on-152.jar
https://www.bouncycastle.org/download/bcprov-ext-jdk15on-152.jar
OR:
http://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk15on/1.52
http://mvnrepository.com/artifact/org.bouncycastle/bcprov-ext-jdk15on/1.52
2. Copy jars to $JAVA_HOME/jre/lib/ext
3. Edit $JAVA_HOME/jre/lib/security/java.security as follows:
a. Locate the “security.provider” section. Keep security.provider.1=sun.security.provider.Sun
b. Locate “security.provider.2” and make that “security.provider.3”. Do this for all the remaining “security.provider.n” values.
c. Set “security.provider.2” to org.bouncycastle.jce.provider.BouncyCastleProvider
security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
4. Re-run the maven build and the errors should now be gone.

2 comments:

I appreciate your time in leaving a comment!