Bug ID: JDK-8169964 Keystore password verification failed after JDK upgrade to 8u112

Type: Bug
Component: security-libs
Sub-Component: java.security
Affected Version: 8u112
Priority: P3
Status: Closed
Resolution: Cannot Reproduce
Submitted: 2016-11-18
Updated: 2016-12-09
Resolved: 2016-12-06
Submitter upgraded from 8u102 to 8u112 and is encountering the following exception : 

reminder.PaymentReminderException: Error calling Payment Service
	<snip>
	at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:78)
	at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3654)
	at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3620)
	at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:326)
	at weblogic.security.service.SecurityManager.runAsForUserCode(SecurityManager.java:196)
	at weblogic.servlet.provider.WlsSecurityProvider.runAsForUserCode(WlsSecurityProvider.java:203)
	at weblogic.servlet.provider.WlsSubjectHandle.run(WlsSubjectHandle.java:71)
	at weblogic.servlet.internal.WebAppServletContext.doSecuredExecute(WebAppServletContext.java:2423)
	at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2280)
	at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2258)
	at weblogic.servlet.internal.ServletRequestImpl.runInternal(ServletRequestImpl.java:1626)
	at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1586)
	at weblogic.servlet.provider.ContainerSupportProviderImpl$WlsRequestExecutor.run(ContainerSupportProviderImpl.java:270)
	at weblogic.invocation.ComponentInvocationContextManager._runAs(ComponentInvocationContextManager.java:348)
	at weblogic.invocation.ComponentInvocationContextManager.runAs(ComponentInvocationContextManager.java:333)
	at weblogic.work.LivePartitionUtility.doRunWorkUnderContext(LivePartitionUtility.java:54)
	at weblogic.work.PartitionUtility.runWorkUnderContext(PartitionUtility.java:41)
	at weblogic.work.SelfTuningWorkManagerImpl.runWorkUnderContext(SelfTuningWorkManagerImpl.java:617)
	at weblogic.work.ExecuteThread.execute(ExecuteThread.java:397)
	at weblogic.work.ExecuteThread.run(ExecuteThread.java:346)
Caused by: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
	at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
	at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:154)
	at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
	at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
	at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
	at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
	at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
	at org.apache.axis.client.Call.invoke(Call.java:2767)
	at org.apache.axis.client.Call.invoke(Call.java:2443)
	at org.apache.axis.client.Call.invoke(Call.java:2366)
	at org.apache.axis.client.Call.invoke(Call.java:1812)
	<snip>
Caused by: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
	at javax.net.ssl.DefaultSSLSocketFactory.throwException(SSLSocketFactory.java:248)
	at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:262)
	at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:92)
	at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
	at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
	at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
	... 53 more
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
	at java.security.Provider$Service.newInstance(Provider.java:1617)
	at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
	at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
	at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
	at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)
	at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:122)
	at org.apache.axis.components.net.JSSESocketFactory.initFactory(JSSESocketFactory.java:61)
	at org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:79)
	at org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
	at org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
	at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
	at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
	at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
	at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
	at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
	at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
	at org.apache.axis.client.Call.invoke(Call.java:2767)
	at org.apache.axis.client.Call.invoke(Call.java:2443)
	at org.apache.axis.client.Call.invoke(Call.java:2366)
	at org.apache.axis.client.Call.invoke(Call.java:1812)
        <snip>
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	... 39 more
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)
	at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)
	at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)
	at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)
	at java.security.KeyStore.load(KeyStore.java:1445)
	at sun.security.ssl.SSLContextImpl$DefaultManagersHolder.getKeyManagers(SSLContextImpl.java:850)
	at sun.security.ssl.SSLContextImpl$DefaultManagersHolder.<clinit>(SSLContextImpl.java:757)
	at sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(SSLContextImpl.java:912)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
	at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
	at java.security.Provider$Service.newInstance(Provider.java:1595)
	at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
	at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
	at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
	at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)
	at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:122)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.apache.commons.httpclient.protocol.ReflectionSocketFactory.createSocket(ReflectionSocketFactory.java:112)
	at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:130)
	at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
	at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
	at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
	at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
        <snip>
	at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:507)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
	... 28 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
	at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)
	... 66 more
Submitter provided following update : === We have narrowed down the issue to applications using an old version of the apache axis client compiled w/jdk 1.4. apps using a newer version are Not impacted. === I'm closing this as not an issue.
06-12-2016
It could be possible that JDK-8134232 has caused a behavioural change for this application, Perhaps a bad password was always being encountered but was being handled differently with another exception stack.
18-11-2016