This was one of those tough to track down issues that yielded very little in terms of actionable solutions vs. confirmation of similar problems while I Googled the problem symptoms. I recently upgraded a Grails app from Weblogic 8 to 10.3. The app allowed users to upload videos to Youtube using the Youtube APIs, using ClientLogin for authentication. The problem was after the upgrade the connection to https://www.google.com/accounts/ClientLogin was failing during the SSL negotiation phase. The errors in the log were
java.lang.IllegalStateException: Cipher not initialized
at javax.crypto.Cipher.c(DashoA13*..)
at javax.crypto.Cipher.update(DashoA13*..)
at com.certicom.tls.provider.Cipher.update(Unknown Source)
…
and
java.security.InvalidKeyException: Illegal key size
Thankfully I found this thread on a Korean Oracle forum. The solution is to add this JVM parameter:
-Dweblogic.security.SSL.nojce=true
This enables Weblogic to use a FIPS 140-2 compliant crypto module in the server’s SSL implementation. FIPS 140-2 is a standard that describes U.S. Federal government requirements for sensitive, but unclassified use.
If you have this problem, I hope you stumble upon this post and it helps you.
Thanks – Same issue, this saved a lot of time…
I have the same problem but -Dweblogic.security.SSL.nojce=true did not help. Maybe I put it in the wrong place?
if NOT "%WLS_USER%"=="" (
set JAVA_OPTIONS=%JAVA_OPTIONS% -Dweblogic.management.username=%WLS_USER% -Dweblogic.security.SSL.nojce=true
)
is where I put it. I tried to put it directly on the following
%JAVA_HOME%binjava %JAVA_VM% %MEM_ARGS% -Dweblogic.Name=%SERVER_NAME% -Djava.security.policy=%WL_HOME%serverlibweblogic.policy %JAVA_OPTIONS% %PROXY_SETTINGS% -Dweblogic.security.SSL.nojce=true
but that did not change anything either.
Any suggestions?