You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jing Chen <ji...@yahoo.com> on 2010/08/11 01:51:25 UTC
java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
After getting a new SSL certificate from GeoTrust, I keep getting the following
error after starting JBoss 4.0.5:
java.net.SocketException: SSL handshake errorj avax.net.ssl.SSLException: No
available certificate or key corresponds to the SSL cipher suites which are
enabled.
I first imported the intermediate certificate with alias root, then import the
final certificate with another alias name.
Can someone help me figuring out where is the missing piece?
Thanks!!
Re: java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException:
No available certificate or key corresponds to the SSL cipher suites which
are enabled.
Posted by Estanislao Gonzalez <es...@zmaw.de>.
Hi Jing,
then you are luckier than me, as I still have no solution for my problem ;-)
So I think your problem might be, as the message suggests ;-), problem
between the ciphering used in the trustore, the certificate signature
and/or tomcat.
check the cipher parameter of the connector, and also read these:
https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO7394
https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO10903
https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO10061
Good luck!
Estani
Jing Chen wrote:
> Hi Estani
>
>
> Thanks for your suggestions. I added the javax.net.ssl.trustStore and
> javax.net.ssl.trustStorePassword to the JVM parameters, but I am still getting
> the same error message when JBoss starts.
>
> Any thoughts?
>
> Thanks
> Jing
>
>
> ________________________________
> From: Estanislao Gonzalez <es...@zmaw.de>
> To: Tomcat Users List <us...@tomcat.apache.org>
> Sent: Wed, August 11, 2010 7:59:07 AM
> Subject: Re: java.net.SocketException: SSL handshake
> errorjavax.net.ssl.SSLException: No available certificate or key corresponds to
> the SSL cipher suites which are enabled.
>
> Hi,
> Just in case this is also related to my problem that truststoreFile is not being
> read while redirecting from http. Check pointing to the file with the JVM param:
> -Djavax.net.ssl.trustStore=
>
> And if this works but your truststoreFile param at the connector don't write
> some feedback.
>
> thanks,
> estani
>
> Richard G Curry wrote:
>
>> We got that early on when we first started working SSL secured sockets in our
>> app and it was due to us not actually pointing to the correct certificate files
>> and instead still going for the older ones. Is this a possibility in your
>> situation?
>>
>> _______________________________________________________________________________________
>> _
>> «¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
>> _______________________________________________________________________________________
>> _
>> Rick Curry
>> Common Services - Software Development
>> E2 - 066, MS 5210
>> 972-431-9178 (Voice)
>> 972-585-7585 (Pager)
>> To send a (short) Text Message to my Pager:
>> 9725857585@page.metrocall.com
>>
>> -----Original Message-----
>> From: Jing Chen [mailto:jingc3@yahoo.com] Sent: Tuesday, August 10, 2010 6:51
>> PM
>> To: users@tomcat.apache.org
>> Subject: java.net.SocketException: SSL handshake
>> errorjavax.net.ssl.SSLException: No available certificate or key corresponds to
>> the SSL cipher suites which are enabled.
>>
>> After getting a new SSL certificate from GeoTrust, I keep getting the following
>> error after starting JBoss 4.0.5:
>> java.net.SocketException: SSL handshake errorj avax.net.ssl.SSLException: No
>> available certificate or key corresponds to the SSL cipher suites which are
>> enabled.
>>
>> I first imported the intermediate certificate with alias root, then import the
>> final certificate with another alias name.
>>
>> Can someone help me figuring out where is the missing piece?
>>
>> Thanks!!
>> The information transmitted is intended only for the person or entity to
>> which it is addressed and may contain confidential and/or privileged material.
>> If the reader of this message is not the intended recipient,
>> you are hereby notified that your access is unauthorized, and any review,
>> dissemination, distribution or copying of this message including any
>> attachments is strictly prohibited. If you are not the intended
>> recipient, please contact the sender and delete the material from any
>> computer.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
>
>
> -- Estanislao Gonzalez
>
> Max-Planck-Institut für Meteorologie (MPI-M)
> Deutsches Klimarechenzentrum (DKRZ) - German Climate Computing Centre
> Room 108 - Bundesstrasse 45a, D-20146 Hamburg, Germany
>
> Phone: +49 (40) 46 00 94-126
> E-Mail: estanislao.gonzalez@zmaw.de
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
--
Estanislao Gonzalez
Max-Planck-Institut für Meteorologie (MPI-M)
Deutsches Klimarechenzentrum (DKRZ) - German Climate Computing Centre
Room 108 - Bundesstrasse 45a, D-20146 Hamburg, Germany
Phone: +49 (40) 46 00 94-126
E-Mail: estanislao.gonzalez@zmaw.de
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
Posted by Jing Chen <ji...@yahoo.com>.
Hi Estani
Thanks for your suggestions. I added the javax.net.ssl.trustStore and
javax.net.ssl.trustStorePassword to the JVM parameters, but I am still getting
the same error message when JBoss starts.
Any thoughts?
Thanks
Jing
________________________________
From: Estanislao Gonzalez <es...@zmaw.de>
To: Tomcat Users List <us...@tomcat.apache.org>
Sent: Wed, August 11, 2010 7:59:07 AM
Subject: Re: java.net.SocketException: SSL handshake
errorjavax.net.ssl.SSLException: No available certificate or key corresponds to
the SSL cipher suites which are enabled.
Hi,
Just in case this is also related to my problem that truststoreFile is not being
read while redirecting from http. Check pointing to the file with the JVM param:
-Djavax.net.ssl.trustStore=
And if this works but your truststoreFile param at the connector don't write
some feedback.
thanks,
estani
Richard G Curry wrote:
> We got that early on when we first started working SSL secured sockets in our
>app and it was due to us not actually pointing to the correct certificate files
>and instead still going for the older ones. Is this a possibility in your
>situation?
>
>_______________________________________________________________________________________
>_
> «¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
>_______________________________________________________________________________________
>_
> Rick Curry
> Common Services - Software Development
> E2 - 066, MS 5210
> 972-431-9178 (Voice)
> 972-585-7585 (Pager)
> To send a (short) Text Message to my Pager:
> 9725857585@page.metrocall.com
>
> -----Original Message-----
> From: Jing Chen [mailto:jingc3@yahoo.com] Sent: Tuesday, August 10, 2010 6:51
>PM
> To: users@tomcat.apache.org
> Subject: java.net.SocketException: SSL handshake
>errorjavax.net.ssl.SSLException: No available certificate or key corresponds to
>the SSL cipher suites which are enabled.
>
> After getting a new SSL certificate from GeoTrust, I keep getting the following
>error after starting JBoss 4.0.5:
> java.net.SocketException: SSL handshake errorj avax.net.ssl.SSLException: No
>available certificate or key corresponds to the SSL cipher suites which are
>enabled.
>
> I first imported the intermediate certificate with alias root, then import the
>final certificate with another alias name.
>
> Can someone help me figuring out where is the missing piece?
>
> Thanks!!
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged material.
>If the reader of this message is not the intended recipient,
> you are hereby notified that your access is unauthorized, and any review,
> dissemination, distribution or copying of this message including any
>attachments is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete the material from any
> computer.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
-- Estanislao Gonzalez
Max-Planck-Institut für Meteorologie (MPI-M)
Deutsches Klimarechenzentrum (DKRZ) - German Climate Computing Centre
Room 108 - Bundesstrasse 45a, D-20146 Hamburg, Germany
Phone: +49 (40) 46 00 94-126
E-Mail: estanislao.gonzalez@zmaw.de
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException:
No available certificate or key corresponds to the SSL cipher suites which
are enabled.
Posted by Estanislao Gonzalez <es...@zmaw.de>.
Hi,
Just in case this is also related to my problem that truststoreFile is
not being read while redirecting from http. Check pointing to the file
with the JVM param:
-Djavax.net.ssl.trustStore=
And if this works but your truststoreFile param at the connector don't
write some feedback.
thanks,
estani
Richard G Curry wrote:
> We got that early on when we first started working SSL secured sockets in our app and it was due to us not actually pointing to the correct certificate files and instead still going for the older ones. Is this a possibility in your situation?
>
> _______________________________________________________________________________________
> «¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
> _______________________________________________________________________________________
> Rick Curry
> Common Services - Software Development
> E2 - 066, MS 5210
> 972-431-9178 (Voice)
> 972-585-7585 (Pager)
> To send a (short) Text Message to my Pager:
> 9725857585@page.metrocall.com
>
> -----Original Message-----
> From: Jing Chen [mailto:jingc3@yahoo.com]
> Sent: Tuesday, August 10, 2010 6:51 PM
> To: users@tomcat.apache.org
> Subject: java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
>
> After getting a new SSL certificate from GeoTrust, I keep getting the following error after starting JBoss 4.0.5:
> java.net.SocketException: SSL handshake errorj avax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
>
> I first imported the intermediate certificate with alias root, then import the final certificate with another alias name.
>
> Can someone help me figuring out where is the missing piece?
>
> Thanks!!
> The information transmitted is intended only for the person or entity to
> which it is addressed and may contain confidential and/or privileged
> material. If the reader of this message is not the intended recipient,
> you are hereby notified that your access is unauthorized, and any review,
> dissemination, distribution or copying of this message including any
> attachments is strictly prohibited. If you are not the intended
> recipient, please contact the sender and delete the material from any
> computer.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Estanislao Gonzalez
Max-Planck-Institut für Meteorologie (MPI-M)
Deutsches Klimarechenzentrum (DKRZ) - German Climate Computing Centre
Room 108 - Bundesstrasse 45a, D-20146 Hamburg, Germany
Phone: +49 (40) 46 00 94-126
E-Mail: estanislao.gonzalez@zmaw.de
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
Posted by Richard G Curry <rg...@jcpenney.com>.
We got that early on when we first started working SSL secured sockets in our app and it was due to us not actually pointing to the correct certificate files and instead still going for the older ones. Is this a possibility in your situation?
_______________________________________________________________________________________
«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»§«¤»¥«¤»
_______________________________________________________________________________________
Rick Curry
Common Services - Software Development
E2 - 066, MS 5210
972-431-9178 (Voice)
972-585-7585 (Pager)
To send a (short) Text Message to my Pager:
9725857585@page.metrocall.com
-----Original Message-----
From: Jing Chen [mailto:jingc3@yahoo.com]
Sent: Tuesday, August 10, 2010 6:51 PM
To: users@tomcat.apache.org
Subject: java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
After getting a new SSL certificate from GeoTrust, I keep getting the following error after starting JBoss 4.0.5:
java.net.SocketException: SSL handshake errorj avax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
I first imported the intermediate certificate with alias root, then import the final certificate with another alias name.
Can someone help me figuring out where is the missing piece?
Thanks!!
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If the reader of this message is not the intended recipient,
you are hereby notified that your access is unauthorized, and any review,
dissemination, distribution or copying of this message including any
attachments is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete the material from any
computer.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org