search

Keyfactor / ejbca-ce

EJBCA® – Open-source public key infrastructure (PKI) and certificate authority (CA) software.
https://www.ejbca.org/
GNU Lesser General Public License v2.1
611 stars 106 forks source link

RA parsing of CSR with Ed25519 key fails with Java 17, but works with Java 11 #515

Closed lucistanescu closed 5 months ago

lucistanescu commented 7 months ago

I tried to switch the EJBCA CE installation from Java 11 to Java 17. Everything seems to work fine, apart from attempting to issue certificates for Ed25519 keys.

Exception printed right after uploading the below-mentioned CSR to the RA web interface:

2024-02-21 14:33:35,037 ERROR [stderr] (default I/O-28) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,040 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: encryption, algorithm from: SunJCE
2024-02-21 14:33:35,060 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,062 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: encryption, algorithm from: SunJCE
2024-02-21 14:33:35,082 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,092 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,098 ERROR [stderr] (default task-4) Provider: MessageDigest.SHA1 algorithm from: SUN
2024-02-21 14:33:35,099 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: encryption, algorithm from: SunJCE
2024-02-21 14:33:35,120 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,121 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: encryption, algorithm from: SunJCE
2024-02-21 14:33:35,142 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,143 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: encryption, algorithm from: SunJCE
2024-02-21 14:33:35,163 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,165 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: encryption, algorithm from: SunJCE
2024-02-21 14:33:35,185 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,245 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: encryption, algorithm from: SunJCE
2024-02-21 14:33:35,266 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,267 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: encryption, algorithm from: SunJCE
2024-02-21 14:33:35,307 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,308 ERROR [stderr] (default task-4) Provider: Cipher.AES/GCM/NoPadding, mode: decryption, algorithm from: SunJCE
2024-02-21 14:33:35,339 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/cert/crmf/CRMFException.class
2024-02-21 14:33:35,340 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/cert/crmf/PKMACValuesCalculator.class
2024-02-21 14:33:35,342 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/pkcs/jcajce/JcaPKCS10CertificationRequest.class
2024-02-21 14:33:35,342 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/pkcs/PKCSException.class
2024-02-21 14:33:35,343 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/cms/CMSSignedGenerator.class
2024-02-21 14:33:35,344 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/operator/DigestAlgorithmIdentifierFinder.class
2024-02-21 14:33:35,344 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/asn1/cms/CMSObjectIdentifiers.class
2024-02-21 14:33:35,345 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/pkcs/PKCSIOException.class
2024-02-21 14:33:35,345 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/asn1/pkcs/Attribute.class
2024-02-21 14:33:35,346 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/asn1/pkcs/CertificationRequest.class
2024-02-21 14:33:35,346 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/asn1/pkcs/CertificationRequestInfo.class
2024-02-21 14:33:35,347 ERROR [stderr] (default task-4) jar: beginEntry org/bouncycastle/jcajce/util/DefaultJcaJceHelper.class
2024-02-21 14:33:35,348 ERROR [stderr] (default task-4) jar: beginEntry META-INF/versions/9/org/bouncycastle/pqc/jcajce/interfaces/FalconPublicKey.class
2024-02-21 14:33:35,348 ERROR [stderr] (default task-4) jar: beginEntry META-INF/versions/9/org/bouncycastle/pqc/jcajce/interfaces/FalconKey.class
2024-02-21 14:33:35,348 ERROR [stderr] (default task-4) jar: beginEntry META-INF/versions/9/org/bouncycastle/pqc/jcajce/interfaces/DilithiumPublicKey.class
2024-02-21 14:33:35,349 ERROR [stderr] (default task-4) jar: beginEntry META-INF/versions/9/org/bouncycastle/pqc/jcajce/interfaces/DilithiumKey.class
2024-02-21 14:33:35,350 WARNING [javax.enterprise.resource.webcontainer.jsf.lifecycle] (default task-4) #{enrollMakeNewRequestBean.uploadCsr}: java.lang.NullPointerException: Cannot invoke "String.length()" because "<parameter1>" is null: javax.faces.FacesException: #{enrollMakeNewRequestBean.uploadCsr}: java.lang.NullPointerException: Cannot invoke "String.length()" because "<parameter1>" is null
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.application.ActionListenerImpl.getNavigationOutcome(ActionListenerImpl.java:96)
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:71)
    at javax.faces.api@3.1.0.SP01//javax.faces.component.UICommand.broadcast(UICommand.java:222)
    at javax.faces.api@3.1.0.SP01//javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:847)
    at javax.faces.api@3.1.0.SP01//javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1396)
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:58)
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.lifecycle.Phase.doPhase(Phase.java:76)
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:177)
    at javax.faces.api@3.1.0.SP01//javax.faces.webapp.FacesServlet.executeLifecyle(FacesServlet.java:707)
    at javax.faces.api@3.1.0.SP01//javax.faces.webapp.FacesServlet.service(FacesServlet.java:451)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
    at io.opentracing.contrib.opentracing-jaxrs2//io.opentracing.contrib.jaxrs2.server.SpanFinishingFilter.doFilter(SpanFinishingFilter.java:52)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at deployment.ejbca.ear.ra-gui.war//org.ejbca.ra.jsfext.NoCacheFilter.doFilter(NoCacheFilter.java:68)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at deployment.ejbca.ear.ra-gui.war//org.ejbca.ra.jsfext.RequestControlFilter.doFilter(RequestControlFilter.java:180)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at deployment.ejbca.ear//org.owasp.filters.ContentSecurityPolicyFilter.doFilter(ContentSecurityPolicyFilter.java:137)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at deployment.ejbca.ear//org.ejbca.util.ServiceControlFilter.doFilter(ServiceControlFilter.java:147)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
    at org.wildfly.security.elytron-web.undertow-server@1.10.1.Final//org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.lambda$handleRequest$1(ElytronRunAsHandler.java:68)
    at org.wildfly.security.elytron-base@1.19.1.Final//org.wildfly.security.auth.server.FlexibleIdentityAssociation.runAsFunctionEx(FlexibleIdentityAssociation.java:103)
    at org.wildfly.security.elytron-base@1.19.1.Final//org.wildfly.security.auth.server.Scoped.runAsFunctionEx(Scoped.java:161)
    at org.wildfly.security.elytron-base@1.19.1.Final//org.wildfly.security.auth.server.Scoped.runAs(Scoped.java:73)
    at org.wildfly.security.elytron-web.undertow-server@1.10.1.Final//org.wildfly.elytron.web.undertow.server.ElytronRunAsHandler.handleRequest(ElytronRunAsHandler.java:67)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:68)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:117)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
    at io.undertow.core@2.2.19.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.core@2.2.19.Final//io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
    at io.undertow.core@2.2.19.Final//io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
    at io.undertow.core@2.2.19.Final//io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
    at org.wildfly.security.elytron-web.undertow-server-servlet@1.10.1.Final//org.wildfly.elytron.web.undertow.server.servlet.CleanUpHandler.handleRequest(CleanUpHandler.java:38)
    at io.undertow.core@2.2.19.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at org.wildfly.extension.undertow@26.1.3.Final//org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
    at io.undertow.core@2.2.19.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at org.wildfly.extension.undertow@26.1.3.Final//org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.SendErrorPageHandler.handleRequest(SendErrorPageHandler.java:52)
    at io.undertow.core@2.2.19.Final//io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:275)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:79)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:134)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:131)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
    at org.wildfly.extension.undertow@26.1.3.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at org.wildfly.extension.undertow@26.1.3.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at org.wildfly.extension.undertow@26.1.3.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at org.wildfly.extension.undertow@26.1.3.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at org.wildfly.extension.undertow@26.1.3.Final//org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1544)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:255)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:79)
    at io.undertow.servlet@2.2.19.Final//io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:100)
    at io.undertow.core@2.2.19.Final//io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
    at io.undertow.core@2.2.19.Final//io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:852)
    at org.jboss.threads@2.4.0.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
    at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1990)
    at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
    at org.jboss.threads@2.4.0.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
    at org.jboss.xnio@3.8.7.Final//org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1282)
    at java.base/java.lang.Thread.run(Thread.java:840)
Caused by: javax.faces.el.EvaluationException: java.lang.NullPointerException: Cannot invoke "String.length()" because "<parameter1>" is null
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.application.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:76)
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.application.ActionListenerImpl.getNavigationOutcome(ActionListenerImpl.java:82)
    ... 73 more
Caused by: java.lang.NullPointerException: Cannot invoke "String.length()" because "<parameter1>" is null
    at deployment.ejbca.ear//org.bouncycastle.jce.ECNamedCurveTable.possibleOID(Unknown Source)
    at deployment.ejbca.ear//org.bouncycastle.jce.ECNamedCurveTable.getParameterSpec(Unknown Source)
    at deployment.ejbca.ear//com.keyfactor.util.crypto.algorithm.AlgorithmTools.getEcKeySpecAliases(AlgorithmTools.java:724)
    at deployment.ejbca.ear//org.cesecore.certificates.certificateprofile.CertificateProfile.isKeyTypeAllowed(CertificateProfile.java:1469)
    at deployment.ejbca.ear.ra-gui.war//org.ejbca.ra.EnrollMakeNewRequestBean.validateCsr(EnrollMakeNewRequestBean.java:1773)
    at deployment.ejbca.ear.ra-gui.war//org.ejbca.ra.EnrollMakeNewRequestBean.uploadCsr(EnrollMakeNewRequestBean.java:919)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    at org.glassfish.jakarta.el@3.0.3.jbossorg-4//com.sun.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:153)
    at org.glassfish.jakarta.el@3.0.3.jbossorg-4//com.sun.el.parser.AstValue.invoke(AstValue.java:261)
    at org.glassfish.jakarta.el@3.0.3.jbossorg-4//com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:237)
    at org.jboss.weld.core@3.1.9.Final//org.jboss.weld.module.web.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40)
    at org.jboss.weld.core@3.1.9.Final//org.jboss.weld.module.web.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
    at org.jboss.weld.core@3.1.9.Final//org.jboss.weld.module.web.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40)
    at org.jboss.weld.core@3.1.9.Final//org.jboss.weld.module.web.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50)
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:65)
    at com.sun.jsf-impl@2.3.17.SP01//com.sun.faces.application.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:66)
    ... 74 more

Actual CSR this was tested with:

-----BEGIN CERTIFICATE REQUEST-----
MIHKMH4CAQAwSzELMAkGA1UEBhMCUk8xEzARBgNVBAgMClNvbWUtU3RhdGUxDTAL
BgNVBAoMBENOSVgxGDAWBgNVBAMMD2RiMS52cGMuY25peC5ybzAqMAUGAytlcAMh
ANT+0SSQx+Vq2F52hoD84fzay5aB0edFH5Y3PBQcqXjRoAAwBQYDK2VwA0EAi5Jl
UxJc1SOKNjqOjnNgVhdZ267rZvSamUMl9EoGRCOICU+8FNVkz3pLFzqVOhvbMwkO
m8VR95PHW4FmmlC0CA==
-----END CERTIFICATE REQUEST-----

To Reproduce

Steps to reproduce the behavior:

  1. Browse to /ejbca/ra/enrollmakenewrequest.xhtml
  2. Choose Certificate Type ('EMPTY' will do just fine).
  3. Choose Certificate Subtype (any will do just fine).
  4. Choose CA (the generated Management CA will do just fine).
  5. Choose 'Provided by the user' for key-pair generation.
  6. Paste the above mentioned CSR.
  7. Click 'Upload CSR'.
  8. Notice the error and check the server log.

Simply replacing openjdk-17-jdk-headless with openjdk-11-jdk-headless and performing ant -q clean deployear is enough to get this to work as expected.

Expected Behavior

The CSR is parsed and its details are printed, allowing the process to continue

Product Deployment

OS: Ubuntu 22.04 Deployment format: software using WildFly 26.1.3 EJBCA version: 8.2.0.1 Java version: openjdk version "17.0.9" 2023-10-17 OpenJDK Runtime Environment (build 17.0.9+9-Ubuntu-122.04) OpenJDK 64-Bit Server VM (build 17.0.9+9-Ubuntu-122.04, mixed mode, sharing)

Java options contain: --add-exports=jdk.crypto.cryptoki/sun.security.pkcs11.wrapper=ALL-UNNAMED -Djava.security.debug=all

Desktop

OS: macOS Ventura Browser: Safari Version: 17

primetomas commented 7 months ago

Thanks, I registered this ticket internally under our Java 17 and 21 Epic.

primetomas commented 5 months ago

Thanks again for the report. This has been fixed and will be released in the upcoming may release.