[jira] [Closed] (AMQ-6412) NMS fails to connect with ActiveMQ when using ssl://, SSLHandshakeException: no cipher suites in common

[Timothy Bish (JIRA)]

     [ 
https://issues.apache.org/jira/browse/AMQ-6412?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Timothy Bish closed AMQ-6412.
-----------------------------
    Resolution: Not A Problem

Cipher suites are configurable so you just need to match up what your .NET 
client can support:  http://activemq.apache.org/ssl-transport-reference.html

> NMS fails to connect with ActiveMQ when using ssl://, SSLHandshakeException: 
> no cipher suites in common
> -------------------------------------------------------------------------------------------------------
>
>                 Key: AMQ-6412
>                 URL: https://issues.apache.org/jira/browse/AMQ-6412
>             Project: ActiveMQ
>          Issue Type: Bug
>          Components: Broker
>    Affects Versions: 5.14.0
>         Environment: Windows 10, JDK 1.8.0_91, Apache.NMS v4.0.30319
>            Reporter: James Beamish-White
>
> When trying to connect using Apache NMS, I get the following error:
> ERROR | Could not accept connection from tcp://0:0:0:0:0:0:0:1:55511 : 
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> The exact same Visual Studio NMS project works fine with ActiveMQ 5.13. So it 
> seems that the cipher suite configuration in 5.14.x has changed, and no 
> longer supports some ciphers that should be acceptable.
> A more detailed log is below:
> {code}
> ActiveMQ Transport: ssl:///0:0:0:0:0:0:0:1:55511, READ: TLSv1 Handshake, 
> length = 120
> ClientHello, TLSv1
> RandomCookie:  GMT: 1455911462 bytes = { 25, 121, 104, 48, 195, 62, 217, 29, 
> 109, 76, 31, 195, 198, 102, 13, 49, 169, 113, 75, 67, 28, 29, 173, 227, 71, 
> 151, 221, 178 }
> Session ID:  {}
> Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 
> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 
> TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, 
> TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, 
> TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 
> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, 
> SSL_RSA_WITH_RC4_128_MD5]
> Compression Methods:  { 0 }
> Extension server_name, server_name: [type=host_name (0), value=localhost]
> Extension elliptic_curves, curve names: {secp256r1, secp384r1}
> Extension ec_point_formats, formats: [uncompressed]
> Unsupported extension type_35, data:
> Unsupported extension type_23, data:
> Extension renegotiation_info, renegotiated_connection: <empty>
> %% Initialized:  [Session-1, SSL_NULL_WITH_NULL_NULL]
> %% Invalidated:  [Session-1, SSL_NULL_WITH_NULL_NULL]
> ActiveMQ Transport: ssl:///0:0:0:0:0:0:0:1:55511, SEND TLSv1 ALERT:  fatal, 
> description = handshake_failure
> ActiveMQ Transport: ssl:///0:0:0:0:0:0:0:1:55511, WRITE: TLSv1 Alert, length 
> = 2
> ActiveMQ Transport: ssl:///0:0:0:0:0:0:0:1:55511, called closeSocket()
> ActiveMQ Transport: ssl:///0:0:0:0:0:0:0:1:55511, handling exception: 
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> ActiveMQ BrokerService[localhost] Task-1, handling exception: 
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
>  WARN | Transport Connection to: tcp://0:0:0:0:0:0:0:1:55511 failed: 
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> ActiveMQ Task-1, called close()
> ActiveMQ Task-1, called closeInternal(true)
> ERROR | Could not accept connection from tcp://0:0:0:0:0:0:0:1:55511 : 
> javax.net.ssl.SSLHandshakeException: no cipher suites in common
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)