Session.connect: java.security.InvalidAlgorithmParameterException error when connecting to IBM Sterling Commerce via SFTP

Document created by Adam Arrowsmith Employee on Sep 26, 2016Last modified by Adam Arrowsmith Employee on Sep 28, 2016
Version 2Show Document
  • View in full screen mode

Error

You receive the following error (or similar) when attempting to connect to IBM Sterling Commerce using the SFTP connector:

 

Failed to connect to host: <SFTP_HOST> on port 10022. Exception message is: Session.connect: java.security.InvalidAlgorithmParameterException: Prime size must be multiple of 64, and can only range from 512 to 2048 (inclusive);

 

Cause

This SFTP server uses an SSH PuTTY key which is not supported by the default Oracle Java JCE. From SFTP connection:

NOTE: Dell Boomi AtomSphere does not support the proprietary PuTTY key format (.ppk). To use these keys, export them as OpenSSH keys using the PuTTYgen program.

 

Solution

Download and install into the Atom's JRE a different Java JCE provider such as BouncyCastle. Note this solution is only applicable to locally installed runtimes, not any of the Dell Boomi hosted Atom Clouds.

 

Example configuration using BouncyCastle:

  1. Download the latest PROVIDER JCE library (e.g. bcprov-jdk15on-155.jar) from here.
  2. Locate the Java JRE location used by the Atom.
  3. Place the BouncyCastle jar file in ../<JAVA_HOME>/lib/ext.
  4. Edit the ../<JAVA_HOME>lib/security/java.security file in a text editor.
  5. Find the list of providers and add the provider's implementation class as the default security provider (add a new security.provider.1 and renumber the other providers accordingly):
    ...
    # List of providers and their preference orders (see above):
    #
    security.provider.1=org.bouncycastle.jce.provider.BouncyCastleProvider
    security.provider.2=sun.security.provider.Sun
    security.provider.3=sun.security.rsa.SunRsaSign
    security.provider.4=sun.security.ec.SunEC
    security.provider.5=com.sun.net.ssl.internal.ssl.Provider
    security.provider.6=com.sun.crypto.provider.SunJCE
    ...
  6. Save the file.
  7. Stop and restart the Atom.

 

2 people found this helpful

Attachments

    Outcomes