JDK-8178429 : SSLHandshakeException "Unsupported curveId: 29"
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.net.ssl
  • Affected Version: 8u121
  • Priority: P3
  • Status: Closed
  • Resolution: Not an Issue
  • Submitted: 2017-04-11
  • Updated: 2017-05-24
  • Resolved: 2017-05-24
Related Reports
Relates :  
JDK-8171279 - Support X25519 and X448 in TLS
Description
8u102/8u121 and WLS 12.2.1  version, Logon to admin console fails.
The Log states couldn't connect to LDAO server showing unsupported CurveID 29.

This LDAPs ssl handshake exception occurred since upgrade to windows server 2016 Domain Controllers.
Comments
Dev engineer has confirmed my own thoughts. we seem to be getting a curve back from ServerHello message to use a curve that was never offered by Client. A possible bug in the server stack. Closing as not a bug for JDK. Dev reply === I had a quick glance of the bug information. Please correct me if I get something wrong. 1. The client requests to use EC curves: Extension elliptic_curves, curve names: { secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} 2. The server decide to use curve 29 (x25519). 3. The curve 29 is not a supported curve in client, and the client does not request to use this curve. The client cannot use it actually, and fail out. I guess there is a bug in MS AD Server 2016. If I'm correct in the above scenarios, we may contact MS if they know the issue or not.
24-05-2017
Main issue is the new curve which I have to assume is coming from the new MS AD server upgrade: == <Apr 10, 2017, 10:15:28,804 PM UTC> <Warning> <Security> <BEA-099117> <The LDAP authentication provider named "AD12" failed to make a connection to LDAO server at ldaps://testxxx.oracle.com:636, the error cause is: Unsupported curveId: 29.> == The JRE clientHello messages show that JRE is initiating connections with known curves : Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1, secp256k1} I notice the JRE clientHellos are requesting TLSv1.2 but the MS server appears to be sending back request for TLSv1.1 : == *** ServerHello, TLSv1.1 RandomCookie: GMT: 1475085312 bytes = { 53, 16, 224, 190, 212, 167, 254, 160, 229, 220, 125, 113, 160, 236, 239, 44, 183, 82, 188, 120, 212, 32, 147, 40, 177, 53, 185, 75 } Session ID: {23, 45, 0, 0, 234, 60, 2, 177, 36, 43, 144, 141, 6, 158, 101, 251, 91, 177, 37, 203, 176, 165, 232, 176, 80, 191, 35, 104, 156, 216, 152, 232} Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA == Please check if TLSv1.1 was intended. In the interim, I'll continue analyzing logs and code.
11-04-2017