Graal: [native-image] SSLContext reflective instantation fails

Created on 1 May 2018  路  4Comments  路  Source: oracle/graal

Hello again, I've found another problem with native-image tool related to reflection I guess. When I compile http4s-blaze-client package with native-image I get:

java.security.NoSuchAlgorithmException: class configured for SSLContext (provider: SunJSSE) cannot be found.
        at java.lang.Throwable.<init>(Throwable.java:287)
        at java.lang.Exception.<init>(Exception.java:84)
        at java.security.GeneralSecurityException.<init>(GeneralSecurityException.java:71)
        at java.security.NoSuchAlgorithmException.<init>(NoSuchAlgorithmException.java:72)
        at java.security.Provider$Service.getImplClass(Provider.java:1649)
        at java.security.Provider$Service.newInstance(Provider.java:1592)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
        at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
        at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)
        at org.http4s.client.blaze.Http1Support.$anonfun$sslContext$1(Http1Support.scala:32)
        at org.http4s.client.blaze.Http1Support$$Lambda$12206/202650241.apply(Unknown Source)
        at scala.Option.getOrElse(Option.scala:121)
        at org.http4s.client.blaze.Http1Support.<init>(Http1Support.scala:32)
        at org.http4s.client.blaze.Http1Support$.apply(Http1Support.scala:23)
        at org.http4s.client.blaze.Http1Client$.mkClient(Http1Client.scala:24)
        at org.http4s.client.blaze.Http1Client$.$anonfun$apply$1(Http1Client.scala:17)

Missing class in question is sun.security.ssl.SSLContextImpl. Is providing a shim the only way to work around this class of problems?

feature native-image
Source
picture lbialy
👍6

Most helpful comment

This should be fixed in https://github.com/oracle/graal/commit/76d043560571c3f6c4c0d76f89cb876451062251 which adds support for HTTPS and JCA security services. You need to run native-image with --enable-https or --enable-url-protocols=https. These features will be available in the rc7 realease. See URL-PROTOCOLS.md and JCA-SECURITY-SERVICES.md for details.

picture cstancu on 19 Sep 2018
12 🎉12

All 4 comments

@lbialy support for the Java security packages is currently under development. There is no workaround for it at this point.

cstancu picture cstancu on 2 May 2018
👍3

Workaround that works if you don't actually use https:

  class DummySSLContext(spi: SSLContextSpi, provider: Provider, s: String) extends SSLContext(spi, provider, s) {
  }

  private def sslContext: SSLContext = new DummySSLContext(null, null, null)
lbialy picture lbialy on 3 May 2018
👍3

Really looking forward to compiling our cli with native-image when ssl/https support lands. Any updates on when it might be implemented or any pointers on how to contribute to make this work?

danielnorberg picture danielnorberg on 23 May 2018
👍10

This should be fixed in https://github.com/oracle/graal/commit/76d043560571c3f6c4c0d76f89cb876451062251 which adds support for HTTPS and JCA security services. You need to run native-image with --enable-https or --enable-url-protocols=https. These features will be available in the rc7 realease. See URL-PROTOCOLS.md and JCA-SECURITY-SERVICES.md for details.

cstancu picture cstancu on 19 Sep 2018
12 🎉12
Was this page helpful?
0 / 5 - 0 ratings

Related issues

sebthom picture sebthom  路  3Comments
helloguo picture helloguo  路  3Comments
jinwuxia picture jinwuxia  路  3Comments
borkdude picture borkdude  路  3Comments
janostgren picture janostgren  路  3Comments