A bug in JDK 1.4.2_06 (and presumably other 1.4.* releases) prevents Sun's JDK from accessing SSL sites that have >1024-bit SSL certificates. The following prescription can be used to work around this. You will need write access to the Java installation directory (<JAVA_HOME>) to apply these fixes.

  • Download the Sun unlimited strength encryption files from the bottom of http://java.sun.com/j2se/1.4.2/download.html (if you are not in the US, check on the legality of doing this!)
  • From the downloaded archive copy local_policy.jar and US_export_policy.jar into your <JAVA_HOME>/jre/lib/security directory replacing the files that are there (you may want to save the old files first, just in case).
  • Download the Bouncy Castle cryptography provider for JDK 1.4 from here: http://www.bouncycastle.org/download/bcprov-jdk14-125.jar
  • Copy the downloaded jar file to <JAVA_HOME>/jre/lib/ext
  • Edit the file <JAVA_HOME>/jre/lib/security/java.security. Add a new line to put the Bouncy Castle cryptography provider at position 2, and renumber the providers that follow it, so that the list reads:
security.provider.1=sun.security.provider.Sun
security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.rsajca.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider

That should be it.
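To confirm the steps above took effect, the following check lists the registered providers, reports where Bouncy Castle sits, and probes whether the unlimited strength policy files are active. It is an added example, not part of the original page; the class name CheckJceSetup is hypothetical, and it assumes an AES cipher is available, as it is on JDK 1.4.2.

```java
import java.security.InvalidKeyException;
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

// Added verification example (not from the original page); written in
// JDK 1.4-compatible syntax so it compiles on the JRE being patched.
public class CheckJceSetup {

    // Name under which BouncyCastleProvider registers itself.
    static final String BC_NAME = "BC";

    // 1-based position of the named provider, or 0 if it is not registered.
    static int positionOf(String name) {
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            if (providers[i].getName().equals(name)) {
                return i + 1;
            }
        }
        return 0;
    }

    // Probe only, nothing is encrypted: a 256-bit AES key is rejected at
    // init() while the default (limited) policy jars are still in place.
    static boolean unlimitedStrength() throws Exception {
        Cipher cipher = Cipher.getInstance("AES");
        try {
            cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(new byte[32], "AES"));
            return true;
        } catch (InvalidKeyException e) {
            return false;
        } catch (SecurityException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        Provider[] providers = Security.getProviders();
        for (int i = 0; i < providers.length; i++) {
            System.out.println((i + 1) + ": " + providers[i].getName()
                    + " " + providers[i].getVersion());
        }
        int bc = positionOf(BC_NAME);
        boolean unlimited = unlimitedStrength();
        System.out.println("BouncyCastle position: " + (bc == 0 ? "not registered" : String.valueOf(bc)));
        System.out.println("Unlimited strength policy: " + (unlimited ? "active" : "NOT active"));
        System.exit(bc == 2 && unlimited ? 0 : 1);
    }
}
```

Compile and run it with the javac and java binaries of the installation you edited; an exit status of 0 means Bouncy Castle is at position 2 and the 256-bit key was accepted.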

This bug does not affect JDK 1.5, so a perhaps easier solution is simply to upgrade. You will still need to download the unlimited strength encryption files from: http://java.sun.com/j2se/1.5.0/download.jsp
