<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>Hi,</p>
    <p>i enabled the logging but did not receive more usefull
      information.<br>
      Maybe an hint how i get this NPE, i run an SSL Scan on
      <a class="moz-txt-link-rfc2396E" href="https://www.ssllabs.com/ssltest/analyze.html">"https://www.ssllabs.com/ssltest/analyze.html"</a>.<br>
      And the check that cause the error contain an list of elliptical
      curves that are not all known i think.</p>
    <p>Gruß Thomas<br>
    </p>
    <p>And the Client Hello was:<br>
      <e protocol='TLSv1.2 TLSv1.2' greaseExt='0'
      extTypes='server_name elliptic_curves ec_point_formats
      signature_algorithms' greaseSuite='0'
      suites='TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
      TLS_EMPTY_RENEGOTIATION_INFO_SCSV' greaseCurves='0'
      curves='sect163k1{TLSv1.3 sect163r1{TLSv1.3 sect163r2{TLSv1.3
      sect193r1{TLSv1.3 sect193r2{TLSv1.3 sect233k1{TLSv1.3
      sect233r1{TLSv1.3 sect239k1{TLSv1.3 sect283k1{TLSv1.3
      sect283r1{TLSv1.3 sect409k1{TLSv1.3 sect409r1{TLSv1.3
      sect571k1{TLSv1.3 sect571r1{TLSv1.3 secp160k1{TLSv1.3
      secp160r1{TLSv1.3 secp160r2{TLSv1.3 secp192k1{TLSv1.3
      secp192r1{TLSv1.3 secp224k1{TLSv1.3 secp224r1{TLSv1.3
      secp256k1{TLSv1.3 secp256r1 secp384r1 secp521r1 <font
        color="#ff0000">brainpoolP256r1 brainpoolP384r1 brainpoolP512r1
        ecdh_x25519 ecdh_x448 ffdhe2048 ffdhe3072 ffdhe4096 ffdhe6144
        ffdhe8192</font>' sigAlg='RSASSA-PSS_SHA256 ED25519
      SHA512withRSA SHA512withDSA SHA512withECDSA SHA384withRSA
      SHA384withDSA SHA384withECDSA SHA256withRSA SHA256withDSA
      SHA256withECDSA SHA224withRSA SHA224withDSA SHA224withECDSA
      SHA1withRSA SHA1withDSA SHA1withECDSA' points='uncompressed'
      compress='0' sni='1'/></p>
    <p>Hello.HEX=16030300C7010000C303035B7F325CC478E2CA4D83FF330D9771AD28CE4F1F36320859B416B1C5393CE57700000EC02CC00AC028C014C024C03000FF0100008C0000000E000C00000973756368652E6F7267000A00480046000100020003000400050006000700080009000A000B000C000D000E000F0010001100120013001400150016001700180019001A001B001C001D001E01000101010201030104000B00020100000D0024002208040807060106020603050105020503040104020403030103020303020102020203<br>
      <br>
      java.lang.NullPointerException<br>
              at
java.base/sun.security.ssl.SupportedGroupsExtension$SupportedGroups.getECGenParamSpec(SupportedGroupsExtension.java:676)<br>
              at
java.base/sun.security.ssl.SupportedGroupsExtension$NamedGroup.getParameterSpec(SupportedGroupsExtension.java:454)<br>
              at
java.base/sun.security.ssl.ECDHKeyExchange$ECDHEPossession.<init>(ECDHKeyExchange.java:111)<br>
              at
java.base/sun.security.ssl.ECDHKeyExchange$ECDHEPossessionGenerator.createPossession(ECDHKeyExchange.java:231)<br>
              at
java.base/sun.security.ssl.SSLKeyExchange$T12KeyAgreement.createPossession(SSLKeyExchange.java:357)<br>
              at
java.base/sun.security.ssl.SSLKeyExchange.createPossessions(SSLKeyExchange.java:88)<br>
              at
java.base/sun.security.ssl.ServerHello$T12ServerHelloProducer.chooseCipherSuite(ServerHello.java:429)<br>
              at
java.base/sun.security.ssl.ServerHello$T12ServerHelloProducer.produce(ServerHello.java:290)<br>
              at
      java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:429)<br>
              at
java.base/sun.security.ssl.ClientHello$T12ClientHelloConsumer.consume(ClientHello.java:1066)<br>
              at
java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:833)<br>
              at
java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:792)<br>
              at
      java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:390)<br>
              at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:445)<br>
              at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:978)<br>
              at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:958)<br>
              at
      java.base/java.security.AccessController.doPrivileged(Native
      Method)<br>
              at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:926)<br>
      <br>
    </p>
    <div class="moz-cite-prefix">On 24.08.2018 00:00:41, Jamil Nimeh
      wrote:<br>
    </div>
    <blockquote type="cite"
      cite="mid:82966446-732a-c992-0c7d-c8d6c8cba8c8@oracle.com">Hi
      Thomas, can you reproduce the issue with debug logging turned on? 
      It may be helpful in conjunction with the stack trace you've
      provided.  You should be able to turn it on with
      -Djavax.net.debug=ssl
      <br>
      <br>
      Thanks,
      <br>
      --Jamil
      <br>
      <br>
      On 8/23/2018 2:41 PM, Thomas Lußnig wrote:
      <br>
      <blockquote type="cite">Hi,
        <br>
        <br>
        i got these NPE on my Server. With Java:
        <br>
        <br>
        openjdk 11-ea 2018-09-25
        <br>
        OpenJDK Runtime Environment 18.9 (build 11-ea+25)
        <br>
        OpenJDK 64-Bit Server VM 18.9 (build 11-ea+25, mixed mode)
        <br>
        <br>
        java.lang.NullPointerException
        <br>
                at
java.base/sun.security.ssl.SupportedGroupsExtension$SupportedGroups.getECGenParamSpec(SupportedGroupsExtension.java:676)<br>
                at
java.base/sun.security.ssl.SupportedGroupsExtension$NamedGroup.getParameterSpec(SupportedGroupsExtension.java:454)<br>
                at
java.base/sun.security.ssl.ECDHKeyExchange$ECDHEPossession.<init>(ECDHKeyExchange.java:111)<br>
                at
java.base/sun.security.ssl.ECDHKeyExchange$ECDHEPossessionGenerator.createPossession(ECDHKeyExchange.java:231)<br>
                at
java.base/sun.security.ssl.SSLKeyExchange$T12KeyAgreement.createPossession(SSLKeyExchange.java:357)<br>
                at
java.base/sun.security.ssl.SSLKeyExchange.createPossessions(SSLKeyExchange.java:88)<br>
                at
java.base/sun.security.ssl.ServerHello$T12ServerHelloProducer.chooseCipherSuite(ServerHello.java:429)<br>
                at
java.base/sun.security.ssl.ServerHello$T12ServerHelloProducer.produce(ServerHello.java:290)<br>
                at
        java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:429)
        <br>
                at
java.base/sun.security.ssl.ClientHello$T12ClientHelloConsumer.consume(ClientHello.java:1066)<br>
                at
java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:833)<br>
                at
java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:792)<br>
                at
        java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:390)
        <br>
                at
java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:445)<br>
                at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:978)<br>
                at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:958)<br>
                at
        java.base/java.security.AccessController.doPrivileged(Native
        Method)
        <br>
                at
java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:926)<br>
        <br>
      </blockquote>
      <br>
    </blockquote>
  </body>
</html>