int maxKeyLen – Cipher.getMaxAllowedKeyLength (“AES”); println (maxKeyLen); Please provide the code for use. Your problem seems to be very easy not to register the BC provider. Ignore all the TLS/JSSE things at the moment and let it work: . I also encounter this error with 1.8u211 on win7 64bit trying to get github.com with HttpsURLConnection: Hello. You can actually work with a password on your private key. see: issues.jenkins-ci.org/browse/JENKINS-32120 Once it works, you can also register the BCJSSE provider (you need both providers): how to compare this with your situation, @anthony-o? I managed to replicate this error without reconditioning with Oracle JRE 1.6.0-43 (yes, I know it`s old, I`m trying to convince my client to upgrade) to BC 1.61, but it works properly by lowering it to BC 1.60. This method reintegrates this keyagrement object so that it can be reused for other key chords. If this key agreement is not re-initiated by one of the init methods, the same private information and algorithm settings are used for the following key agreements. . OK, just managed to install Java SE 8u202 on Win7 64-bit and it works.
So I come to the conclusion that there is a problem/conflict with the 8u211. . As I explained on Stackoverflow, I try to use BouncyCastle libraries to access a secure let`s Encrypt website on JDK 1.6. In addition, the SNI bypass should be used in the #460 described as this: docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html also mentions that the unlimited strength directive is necessary for keys >2048 bits. I installed unlimited policy and checked in the script console of the slave node with: BTW, regarding the stackover flow problem, when using BCJSSE you have to set up: Ask questionsNoSuchAlgorithException: ECDH algorithm not available . I can confirm that in my case, reconditioning is the cause of my error. The reconditioning of the BC and Java SE lenses (unlike OpenJDK) was essentially “unsigned” and Java SE (unlike OpenJDK) refused to consider BC as a security provider. Sorry for the extra confusion.