IBM Support

SSLKeyException: RSA premaster secret error Caused by InvalidKeyException



My java application using the Data Server Driver for JDBC (JCC) is failing to establish SSL connection with following error: SSLKeyException: RSA premaster secret error. Caused by: Illegal key size or default parameters.

Symptom RSA premaster secret error. Caused by: Illegal key size or default parameters


The default restricted policy file has a 2048 key size limit. If the RSA key size exceeds this limit then this error is expected.

Resolving The Problem

This issue can be resolved by upgrading to the unrestricted policy files, replacing the security policy files with the IBM unlimited cryptography files. Replace the local_policy.jar with the Unrestricted JCE policy File.

[{"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Programming Interface - JDBC","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"9.7;9.5;10.1;10.5","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
16 June 2018