You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by GBullock <gb...@surfrecon.com> on 2007/09/11 17:49:45 UTC

Re: no cipher suites in common for SslFilter



Will Tao-2 wrote:
> 
> Hi all,
> 
> I have download mina 1.0 and when I run the echoserver example with 
> TLS/SSL protocol, I got exception as followings.
> Also, when I tried to print the value in the 
> sslFilter.getEnabledCipherSuites(), it returns null.
> I also tried to use sslFilter.setEnabledCipherSuites() method to set 
> various cipher,  but I got exception as the algorithm is not supported.
> Any help would be very helpful, thanks.
> 
> 
> 
> 06-11-29 10:42:38,092 ERROR impl.JCLLoggerAdapter.error(ln:443) - 
> [/127.0.0.1:38478] EXCEPTION:
> javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed.
>         at 
> org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:424)
>         at 
> org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:502)
>         at 
> org.apache.mina.common.support.AbstractIoFilterChain.access$1000(AbstractIoFilterChain.java:52)
>         at 
> org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:777)
>         at 
> org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java:243)
>         at 
> org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(ExecutorFilter.java:305)
>         at 
> edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:987)
>         at 
> edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:528)
>         at java.lang.Thread.run(Thread.java:595)
> Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:994)
>         at 
> com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:459)
>         at 
> com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1054)
>         at 
> com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1026)
>         at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:411)
>         at 
> org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:520)
>         at 
> org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:293)
>         at 
> org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392)
>         ... 8 more
> Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
>         at 
> com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
>         at 
> com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1352)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:176)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:164)
>         at 
> com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:639)
>         at 
> com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:450)
>         at 
> com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:178)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker$1.run(Handshaker.java:437)
>         at java.security.AccessController.doPrivileged(Native Method)
>         at 
> com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Handshaker.java:932)
>         at 
> org.apache.mina.filter.support.SSLHandler.doTasks(SSLHandler.java:747)
>         at 
> org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:485)
>         ... 10 more
> 
> 
> -- 
> Will Tao
>  
> 
> 
> 

FYI, When I got this message it was the result of my borrowed
"BogusSSLContextFactory" not finding my new certificate in its classpath. 
The keyStore.load method didn't complain that it got a null inputStream
(although I have since asked it to).  I also changed it to use a
FileInputStream instead of the getResourceAsStream.  

That "no cipher suites in common" message was rather unintuitive, but
whatcha gonna do.

HTH
-- 
View this message in context: http://www.nabble.com/no-cipher-suites-in-common-for-SslFilter-tf2722500s16868.html#a12617740
Sent from the Apache MINA Support Forum mailing list archive at Nabble.com.

Re: no cipher suites in common for SslFilter

Posted by Maarten Bosteels <mb...@gmail.com>.

For some ciphers you need to install the Java Cryptography Extension
Unlimited Strength Jurisdiction Policy Files 5.0

see http://java.sun.com/javase/downloads/index.jsp#docs

see also:
http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#AppA

Maarten

On 9/11/07, GBullock <gb...@surfrecon.com> wrote:
>
>
>
>
> Will Tao-2 wrote:
> >
> > Hi all,
> >
> > I have download mina 1.0 and when I run the echoserver example with
> > TLS/SSL protocol, I got exception as followings.
> > Also, when I tried to print the value in the
> > sslFilter.getEnabledCipherSuites(), it returns null.
> > I also tried to use sslFilter.setEnabledCipherSuites() method to set
> > various cipher,  but I got exception as the algorithm is not supported.
> > Any help would be very helpful, thanks.
> >
> >
> >
> > 06-11-29 10:42:38,092 ERROR impl.JCLLoggerAdapter.error(ln:443) -
> > [/127.0.0.1:38478] EXCEPTION:
> > javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed.
> >         at
> > org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:424)
> >         at
> >
> org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived
> (AbstractIoFilterChain.java:502)
> >         at
> > org.apache.mina.common.support.AbstractIoFilterChain.access$1000(
> AbstractIoFilterChain.java:52)
> >         at
> >
> org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived
> (AbstractIoFilterChain.java:777)
> >         at
> > org.apache.mina.filter.executor.ExecutorFilter.processEvent(
> ExecutorFilter.java:243)
> >         at
> > org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run
> (ExecutorFilter.java:305)
> >         at
> >
> edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker
> (ThreadPoolExecutor.java:987)
> >         at
> >
> edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run
> (ThreadPoolExecutor.java:528)
> >         at java.lang.Thread.run(Thread.java:595)
> > Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in
> common
> >         at
> > com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:994)
> >         at
> > com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(
> SSLEngineImpl.java:459)
> >         at
> > com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(
> SSLEngineImpl.java:1054)
> >         at
> > com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1026)
> >         at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:411)
> >         at
> > org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:520)
> >         at
> > org.apache.mina.filter.support.SSLHandler.messageReceived(
> SSLHandler.java:293)
> >         at
> > org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392)
> >         ... 8 more
> > Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in
> common
> >         at
> > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
> >         at
> > com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java
> :1352)
> >         at
> > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:176)
> >         at
> > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:164)
> >         at
> > com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(
> ServerHandshaker.java:639)
> >         at
> > com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(
> ServerHandshaker.java:450)
> >         at
> > com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(
> ServerHandshaker.java:178)
> >         at
> > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
> >         at
> > com.sun.net.ssl.internal.ssl.Handshaker$1.run(Handshaker.java:437)
> >         at java.security.AccessController.doPrivileged(Native Method)
> >         at
> > com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(
> Handshaker.java:932)
> >         at
> > org.apache.mina.filter.support.SSLHandler.doTasks(SSLHandler.java:747)
> >         at
> > org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:485)
> >         ... 10 more
> >
> >
> > --
> > Will Tao
> >
> >
> >
> >
>
> FYI, When I got this message it was the result of my borrowed
> "BogusSSLContextFactory" not finding my new certificate in its classpath.
> The keyStore.load method didn't complain that it got a null inputStream
> (although I have since asked it to).  I also changed it to use a
> FileInputStream instead of the getResourceAsStream.
>
> That "no cipher suites in common" message was rather unintuitive, but
> whatcha gonna do.
>
> HTH
> --
> View this message in context:
> http://www.nabble.com/no-cipher-suites-in-common-for-SslFilter-tf2722500s16868.html#a12617740
> Sent from the Apache MINA Support Forum mailing list archive at Nabble.com
> .
>
>