My Oracle Support Banner

Error "InvalidAlgorithmParameterException: Prime size must be multiple of 64, and can only range from 512 to 1024 (inclusive)" When Verifying External Provider SSL Connection in Shared Services (Doc ID 2583541.1)

Last updated on SEPTEMBER 23, 2020

Applies to:

Hyperion Planning - Version 11.1.2.0.00 and later
Hyperion BI+ - Version 11.1.2.0.00 and later
Information in this document applies to any platform.

Symptoms

 When setting up an external SSL enabled MSAD/LDAP external authentication provider in Shared Services the test connection fails 

The Foundation Services SharedServices_Security.log shows the following error. The default location for Foundation Services logs is \Oracle\Middleware\user_projects\domains\EPMSystem\servers\FoundationServices0\logs\

Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair
       at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1764)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1725)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1708)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1634)
       at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:86)
       at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
       at java.io.BufferedInputStream.read1(BufferedInputStream.java:258)
       at java.io.BufferedInputStream.read(BufferedInputStream.java:317)
       at com.sun.jndi.ldap.Connection.run(Connection.java:834)
       at java.lang.Thread.run(Thread.java:662)
Caused by: java.lang.RuntimeException: Could not generate DH keypair
       at com.sun.net.ssl.internal.ssl.DHCrypt.<init>(DHCrypt.java:106)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:556)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:183)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
       at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:958)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1204)
       at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:818)
       at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
       at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
       at java.io.BufferedInputStream.read1(BufferedInputStream.java:259)
       at java.io.BufferedInputStream.read(BufferedInputStream.java:317)
       at com.sun.jndi.ldap.Connection.run(Connection.java:835)
       ... 1 more
Caused by: java.security.InvalidAlgorithmParameterException: Prime size must be multiple of 64, and can only range from 512 to 1024 (inclusive)
       at com.sun.crypto.provider.DHKeyPairGenerator.initialize(DashoA13*..)
       at java.security.KeyPairGenerator$Delegate.initialize(KeyPairGenerator.java:627)
       at com.sun.net.ssl.internal.ssl.DHCrypt.<init>(DHCrypt.java:100)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:556)
       at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:183)
       at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:594)
       ... 10 more  

Changes

 Setting up an external SSL enabled MSAD/LDAP external authentication provider in Shared Services

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
  


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.