You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Anandi Vyagrapuri <va...@yahoo.com> on 2006/07/12 21:27:12 UTC
What are ciphers ?
Hi,
Can naybody tell me what ciphers are and what i
ciphers i must use with SSL ?
Thanks
Anandi
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: What are ciphers ?
Posted by Anandi Vyagrapuri <va...@yahoo.com>.
thanks for the description. That was helpful .
I am trying to configure SSL with tomcat and get the
following error .. I do not understand what i need to
configure to get the correct ciphers to work with my
certificate. The same certificate works fine with IIS.
------------------------------------------------------
WARNING: Reinitializing ServerSocket
Jul 12, 2006 3:18:41 PM
org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
SEVERE: Endpoint [SSL:
ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=443]]
ignored exception: java.net.SocketException: SSL
handshake errorjavax.net.ssl.SSLException: No
available certificate or key corresponds to the SSL
cipher suites which are enabled.
java.net.SocketException: SSL handshake
errorjavax.net.ssl.SSLException: No available
certificate or key corresponds to the SSL cipher
suites which are enabled.
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:113)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.java:407)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:70)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Unknown Source)
Jul 12, 2006 3:18:41 PM
org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
WARNING: Reinitializing ServerSocket
Jul 12, 2006 3:18:41 PM
org.apache.tomcat.util.net.PoolTcpEndpoint
acceptSocket
SEVERE: Endpoint [SSL:
ServerSocket[addr=0.0.0.0/0.0.0.0,port=0,localport=443]]
ignored exception: java.net.SocketException: SSL
handshake errorjavax.net.ssl.SSLException: No
available certificate or key corresponds to the SSL
cipher suites which are enabled.
java.net.SocketException: SSL handshake
errorjavax.net.ssl.SSLException: No available
certificate or key corresponds to the SSL cipher
suites which are enabled.
at
org.apache.tomcat.util.net.jsse.JSSESocketFactory.acceptSocket(JSSESocketFactory.java:113)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.acceptSocket(PoolTcpEndpoint.java:407)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:70)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Unknown Source)
--- Mike Klein <mi...@sbcglobal.net> wrote:
> D:\Projects\v4kernel>openssl ciphers
>
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:DHE-DSS-RC4-SHA:RC4-SH
>
A:RC4-MD5:RC4-MD5:RC4-64-MD5:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EXP1024-RC2-CBC-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4-SHA
>
:EXP1024-RC4-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC4-MD5
>
> Clarification...cipher is "cryptographic" algorithm.
>
> Ciphersuite is a list of ciphers that can be used.
> Each entry consists
> of compound string specifying choice of key
> exchange, encryption, and
> hashing algorithms/sizes to use.
>
>
> mike
>
> Mike Klein wrote:
> > A little googling will get you what you want.
> >
> > A cipher is a security algorithm (des, rc, etc.).
> Ciphertext is
> > cleartext (plaintext) which has been encrypted
> using an algorithm
> > (cipher) and a key.
> >
> > You can use ssl handshaking to see supported
> ciphers and java jsse has
> > methods for dumping this information out. Get list
> of providers and
> > start calling dump routines.
> >
> >
> > mike
> >
> >
> >> Anandi Vyagrapuri wrote:
> >>
> >>
> >>> Hi,
> >>> Can naybody tell me what ciphers are and what i
> >>> ciphers i must use with SSL ?
> >>>
> >>> Thanks
> >>> Anandi
> >>>
> >>>
> __________________________________________________
> >>> Do You Yahoo!?
> >>> Tired of spam? Yahoo! Mail has the best spam
> protection around
> >>> http://mail.yahoo.com
> >>>
> >>>
>
---------------------------------------------------------------------
> >>> To start a new topic, e-mail:
> users@tomcat.apache.org
> >>> To unsubscribe, e-mail:
> users-unsubscribe@tomcat.apache.org
> >>> For additional commands, e-mail:
> users-help@tomcat.apache.org
> >>>
> >>>
> >>>
> >>>
> >>>
> >>
> >>
> >
> >
>
---------------------------------------------------------------------
> > To start a new topic, e-mail:
> users@tomcat.apache.org
> > To unsubscribe, e-mail:
> users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail:
> users-help@tomcat.apache.org
> >
> >
> >
>
>
---------------------------------------------------------------------
> To start a new topic, e-mail:
> users@tomcat.apache.org
> To unsubscribe, e-mail:
> users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail:
> users-help@tomcat.apache.org
>
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: What are ciphers ?
Posted by Mike Klein <mi...@sbcglobal.net>.
D:\Projects\v4kernel>openssl ciphers
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:DHE-DSS-RC4-SHA:RC4-SH
A:RC4-MD5:RC4-MD5:RC4-64-MD5:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EXP1024-RC2-CBC-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4-SHA
:EXP1024-RC4-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC4-MD5
Clarification...cipher is "cryptographic" algorithm.
Ciphersuite is a list of ciphers that can be used. Each entry consists
of compound string specifying choice of key exchange, encryption, and
hashing algorithms/sizes to use.
mike
Mike Klein wrote:
> A little googling will get you what you want.
>
> A cipher is a security algorithm (des, rc, etc.). Ciphertext is
> cleartext (plaintext) which has been encrypted using an algorithm
> (cipher) and a key.
>
> You can use ssl handshaking to see supported ciphers and java jsse has
> methods for dumping this information out. Get list of providers and
> start calling dump routines.
>
>
> mike
>
>
>> Anandi Vyagrapuri wrote:
>>
>>
>>> Hi,
>>> Can naybody tell me what ciphers are and what i
>>> ciphers i must use with SSL ?
>>>
>>> Thanks
>>> Anandi
>>>
>>> __________________________________________________
>>> Do You Yahoo!?
>>> Tired of spam? Yahoo! Mail has the best spam protection around
>>> http://mail.yahoo.com
>>>
>>> ---------------------------------------------------------------------
>>> To start a new topic, e-mail: users@tomcat.apache.org
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>>
>>>
>>>
>>
>>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: What are ciphers ?
Posted by Mike Klein <mi...@sbcglobal.net>.
A little googling will get you what you want.
A cipher is a security algorithm (des, rc, etc.). Ciphertext is
cleartext (plaintext) which has been encrypted using an algorithm
(cipher) and a key.
You can use ssl handshaking to see supported ciphers and java jsse has
methods for dumping this information out. Get list of providers and
start calling dump routines.
mike
> Anandi Vyagrapuri wrote:
>
>> Hi,
>> Can naybody tell me what ciphers are and what i
>> ciphers i must use with SSL ?
>>
>> Thanks
>> Anandi
>>
>> __________________________________________________
>> Do You Yahoo!?
>> Tired of spam? Yahoo! Mail has the best spam protection around
>> http://mail.yahoo.com
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>>
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org