javax.net.ssl.SSLException: No PSK available. Unable to resume

I am using Jetty client to send outgoing requests. Code that runs perfectly under Java 10 suddenly gets the following exception under Java 11:

javax.net.ssl.SSLException: No PSK available. Unable to resume. at (Alert.java:129) at (Alert.java:117) at (TransportContext.java:308) at (TransportContext.java:264) at (TransportContext.java:255) at (ServerHello.java:1224) at (ServerHello.java:984) at (ServerHello.java:872) at (SSLHandshake.java:392) at (HandshakeContext.java:444) at (SSLEngineImpl.java:1065) at (SSLEngineImpl.java:1052) at (Native Method) at (SSLEngineImpl.java:999) at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:511) at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.process(HttpReceiverOverHTTP.java:128) at org.eclipse.jetty.client.http.HttpReceiverOverHTTP.receive(HttpReceiverOverHTTP.java:73) at org.eclipse.jetty.client.http.HttpChannelOverHTTP.receive(HttpChannelOverHTTP.java:133) at org.eclipse.jetty.client.http.HttpConnectionOverHTTP.onFillable(HttpConnectionOverHTTP.java:155) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:305) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:411) at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:305) at org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:159) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118) 

I filed a bug report with Jetty here but I'm wondering: what does the error message actually mean? Is something wrong in my environment or does the error mean that Jetty is not configuring the connection correctly?

1

3 Answers

there is a bug in JDK 11:

you have to either:

  • wait for the release of JDK 12
  • update to JDK 11.0.3+ that includes backport
  • or use this command line parameter as a workaround: -Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
2

As Adam from WALCZAK.IT's answer didn't work for me, I found out that the final solution is to add TLSv1.3 to the jdk.tls.disabledAlgorithms in java.security file under conf in your java directory.

So, open java.security under %JAVA_HOME%\conf, find jdk.tls.disabledAlgorithms and append , TLSv1.3.

3

I found a solution that worked for me that add this into your gradle.properties.

Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2 JAVA_TOOL_OPTIONS=-Dhttps.protocols=TLSv1.2 systemProp.http.proxyHost=fodev.org systemProp.http.proxyPort=8118 systemProp.http.nonProxyHosts=*.jitpack.io, *.maven.org systemProp.https.proxyHost=fodev.org systemProp.https.proxyPort=8118 systemProp.https.nonProxyHosts=*.jitpack.io, *.maven.org 

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.

You Might Also Like