I'm running ftpserver on J2SE 1.5 on Windows, and trying to connect to it
using the ftp-ssl client on Debian Linux.
On the server side I have:
<ssl protocol="TLS" client-authentication="NONE" >
<keystore file="test.jks" password="password" />
</ssl>
On the client side I have:
ftp -z certrequired -z cipher-ALL -z secure -z cert=client.pem -z
key=client.pem
The connection fails, logging:
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at
com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:997)
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:459)
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1058)
at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1030)
at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:411)
at
org.apache.mina.filter.ssl.SslHandler.handshake(SslHandler.java:502)
I believe the client is OK -- it works with other servers.
If I specify enabled-ciphersuites in the ssl element of the server config, I
find that many of the ciphersuites listed here -
http://download.oracle.com/javase/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#AppA
-
cause the server to report an unavailable ciphersuite. I have not found a
ciphersuite I can use which satisfies the client, even basic ones such as
SSL_RSA_EXPORT_WITH_RC4_40_MD5
Any ideas?
Thanks,
John
--
"There is no way to peace; peace is the way"
