- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Created on 04-28-2017 12:14 AM
Affected versions:
1.4.x
Symptoms:
New recommendations are not displayed in the recommendations tab in the SmartSense view. There is a failure in hst-server.log :
2017-04-20 17:20:11,904 INFO [RecommendationAutoDownloadTask] GatewayClientHelper:74 - HTTP/1.1 200 OK 2017-04-20 17:20:11,904 INFO [RecommendationAutoDownloadTask] GatewayClientHelper:75 - OK 2017-04-20 17:20:11,907 ERROR [RecommendationAutoDownloadTask] ArchiveFileCrypto:240 - Invalid key. Illegal key size or default parameters 2017-04-20 17:20:11,907 ERROR [RecommendationAutoDownloadTask] RecommendationAutoDownloadTask:41 - Failed to download recommendations. Illegal key size or default parameters com.hortonworks.smartsense.anonymization.crypto.CryptoException: Illegal key size or default parameters at com.hortonworks.smartsense.anonymization.crypto.impl.ArchiveFileCrypto.decrypt(ArchiveFileCrypto.java:241) at com.hortonworks.smartsense.anonymization.crypto.FileDecryptor.decrypt(FileDecryptor.java:69) at com.hortonworks.support.tools.server.keygen.EncryptionKeyPairManager.decrypt(EncryptionKeyPairManager.java:109) at com.hortonworks.support.tools.gateway.GatewayClientHelper.getRecommendations(GatewayClientHelper.java:79) at com.hortonworks.support.tools.server.recommendation.RecommendationGatewayImpl.gatewayDownloadRecommendations(RecommendationGatewayImpl.java:66) at com.hortonworks.support.tools.server.BaseControllerModule$1.gatewayDownloadRecommendations(BaseControllerModule.java:83) at com.hortonworks.support.tools.server.recommendation.RecommendationGatewayImpl.download(RecommendationGatewayImpl.java:50) at com.hortonworks.support.tools.server.recommendation.RecommendationAutoDownloadTask.downloadRecommendations(RecommendationAutoDownloadTask.java:55) at com.hortonworks.support.tools.server.recommendation.RecommendationAutoDownloadTask.run(RecommendationAutoDownloadTask.java:39) at java.util.TimerThread.mainLoop(Timer.java:555) at java.util.TimerThread.run(Timer.java:505) Caused by: java.security.InvalidKeyException: Illegal key size or default parameters at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026) at javax.crypto.Cipher.implInit(Cipher.java:801) at javax.crypto.Cipher.chooseProvider(Cipher.java:864) at javax.crypto.Cipher.init(Cipher.java:1249) at javax.crypto.Cipher.init(Cipher.java:1186) at com.hortonworks.smartsense.anonymization.crypto.impl.ArchiveFileCrypto.decrypt(ArchiveFileCrypto.java:233)
Reason:
Hortonworks Datalake uses longer keys to encrypt the recommendations for more secure communication. JCE Unlimited strength is required to decrypt the received recommendations. This above provided exception will typically occur if JCE unlimited strength is not available or used in the HST Server node.
Solution:
Install JCE Unlimited on HST Server for the available JDK version and restart HST Server. If JCE Unlimited is already available, then verify following:
JCE requires these 2 jars in JDK_HOME/jre/lib/security/
1. US_export_policy.jar
2. local_policy.jar
Right way to verify is to download the jars from Oracle site for a given jdk version and verify their checksum. Sometimes, these jars may be available in this dir but they are probably for a different jdk version.
