DB2 Connection Fails with "DH key size must be multiple of 64, and can only range from 512 to 8192 (inclusive). The specific key size 256 is not supported"
Answered
Hello Everyone,
I am trying to connect to DB2 (v11.5) using DataGrip (2020.2.3)
Build #DB-202.7319.56, built on September 15, 2020
Runtime version: 11.0.8+10-b944.31 amd64
VM: OpenJDK 64-Bit Server VM by JetBrains s.r.o.
Windows Server 2019 10.0
GC: ParNew, ConcurrentMarkSweep
Memory: 1998M
Cores: 6
"Database manager authentication (AUTHENTICATION) = DATA_ENCRYPT"
I have set the JDBC Property "securityMechanism=13"
When I try totest the connection I get the below. Can anyone please suggest what I got do to make a successful connection?
Thanks!
Simba
[-4223] [jcc][1071][10615][4.32.28] Caught java.security.InvalidAlgorithmParameterException while initializing EncryptionManager. See attached Throwable for details. ERRORCODE=-4223, SQLSTATE=null
DH key size must be multiple of 64, and can only range from 512 to 8192 (inclusive). The sp
ecific key size 256 is not supported.
Please sign in to leave a comment.
In DataGrip, I also set the JAVA VM option to "-Djdk.tls.ephemeralDHKeySize=512".
Even the above did not help.
Hello,
Is it possible to check the issue with the latest stable IDE version?
ok. I downloaded the latest version and started the 30 day trial and tested the connection. This is what I got
DBMS: IBM Db2 LUW (no ver.)
Case sensitivity: plain=mixed, delimited=exact
[-4223] [jcc][1071][10615][4.32.28] Caught java.security.InvalidAlgorithmParameterException while initializing EncryptionManager. See attached Throwable for details. ERRORCODE=-4223, SQLSTATE=null
DH key size must be multiple of 64, and can only range from 512 to 8192 (inclusive). The specific key size 256 is not supported.
===================================================
DataGrip 2023.2.1
Build #DB-232.9559.28, built on August 16, 2023
Licensed to Trial User
Subscription is active until September 19, 2023.
Runtime version: 17.0.8+7-b1000.8 amd64
VM: OpenJDK 64-Bit Server VM by JetBrains s.r.o.
Windows Server 2019 10.0
GC: G1 Young Generation, G1 Old Generation
Memory: 2048M
Cores: 6
Please share idea.log file via https://uploads.jetbrains.com/ form after restarting IDE and reproducing the issue.
As advised, I restarted the IDE and reproduced the issue and uploaded the idea.log file and here is the
Upload id: 2023_08_22_25oLidfzCwyhbtUB76SuTR (file: idea.log)
@Yaroslav Bedrov are there any updates on this issue? Thanks!
Sorry, not yet. We're investigating the issue.
@Yaroslav Bedrov
Here is an update from my side. When I used the BouncyCastle Library to replace the existing JCE jar programmatically, I was able to successfully connect to the database in my Java program.
In JDK 1.8 it is lot easier to replace the deployed JCE jar with BouncyCastle jar. But I am not sure how to to do that with JDK 11 or JDK 17. Please share if any other simple solution that you guys are aware of.
It doesn't matter whether I use DataGrip or DBeaver or DBVisualizer it all points to the same error and it is to do with the JCE that comes with the JDK that is not allowing to connect.
Thanks in advance
Please check those discussions for possible solutions: https://github.com/dbeaver/dbeaver/issues/7250, https://www.ibm.com/support/pages/apar/PM17561
Also you may set JDK 1.8 as Driver JDK in "Drivers -> Advanced"
Db 11.5 does not support securityMechanism=13 (DATA_ENCRYPT), which why OP is unable to connect.