'javax.net.ssl.SSLHandshakeException' Errors when Using Third-Party BouncyCastle Provider


Applies to

Java SE JDK and JRE - Version 8 and later
Any platform


Symptoms

After upgrading to Java 8u341 or later, the following handshake error may be observed:

javax.net.ssl|WARNING|0A|Thread-0|2022-03-31 16:16:50.550 AEST|SignatureScheme.java:208|RSASSA-PSS signature with SHA-256 is not supported by the underlying providers (
"throwable" : {
    java.security.NoSuchAlgorithmException: no such algorithm: RSASSA-PSS for provider BCFIPS
    at sun.security.jca.GetInstance.getService(GetInstance.java:101)

Cause

The issue occurs when the RSASSA-PSS Signature service is used in TLS communication with the Bouncy Castle FIPS provider (prior to version 1.0.2.3), which does not support RSASSA-PSS signature schemes.

For applications updating to Java 8u341 or later, TLSv1.3 is enabled by default for client-side TLS usage.

TLSv1.3 is limited to PKCS#1 variants of RSA signatures. The JSSE is thus limited to using an rsa_pkcs1_sha1, rsa_pkcs1_sha256, rsa_pkcs1_sha384, or rsa_pkcs1_sha512 signature scheme. This affects applications using bc-fips version 1.0.2.1 and earlier.


Solution

Upgrade to bc-fips version 1.0.2.4.

If TLSv1.3 is being used in TLS communication, downgrade the protocol version by setting the system property jdk.tls.client.protocols=TLSv1.2, which uses the prior RSA padding signature schemes.
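
To confirm which of the two conditions above applies on a given JVM, the following diagnostic lists every registered security provider, reports whether it can supply the RSASSA-PSS Signature service named in the error, and prints the protocols enabled by default. It is an added example, not code from this note or from the Bouncy Castle project; the class name PssProviderCheck is hypothetical.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.Signature;
import java.util.Arrays;
import javax.net.ssl.SSLContext;

// Added diagnostic (hypothetical class name). Run it with the same JVM,
// classpath and java.security configuration as the failing application.
public class PssProviderCheck {

    // True if the provider offers a Signature implementation for RSASSA-PSS,
    // the algorithm the handshake log reports as missing.
    static boolean supportsPss(Provider p) {
        try {
            Signature.getInstance("RSASSA-PSS", p);
            return true;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        System.out.println("java.version             = "
                + System.getProperty("java.version"));
        System.out.println("jdk.tls.client.protocols = "
                + System.getProperty("jdk.tls.client.protocols", "(not set)"));

        // Providers are printed in their configured preference order.
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            Provider p = providers[i];
            System.out.printf("%2d. %-14s RSASSA-PSS=%-5s %s%n",
                    i + 1, p.getName(), supportsPss(p), p.getInfo());
        }

        // Protocols enabled by default for sockets created from the
        // default SSLContext.
        String[] protocols =
                SSLContext.getDefault().getDefaultSSLParameters().getProtocols();
        System.out.println("default protocols        = " + Arrays.toString(protocols));
    }
}
```

A BCFIPS line showing RSASSA-PSS=false together with TLSv1.3 in the default protocols matches the condition described under Cause. Re-running with -Djdk.tls.client.protocols=TLSv1.2 shows whether the workaround has taken effect.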


Last reviewed on Sat Feb 01 2025 00:00:00 GMT+0000 (Coordinated Universal Time)