"[EMAIL PROTECTED]" wrote : Its either the cert or the procedure since another
cert works. cygwin provides openssl for windows. The fact that jetty was used
is not relevant as it also uses the underlying jsse implementation from the
jdk, and this is what needs to be configured.
|
If we go through the process of revoking and re-creating a new cert through
Verisign, will I have problems w/ the old aliases I used w/ keytool to import
the original Versign cert (a.k.a. the 'bad one')? I get a warning that
'tomcat' alias exists if I try to use the same one to re-generate the keystore.
"[EMAIL PROTECTED]" wrote :
| Specify -Djavax.net.debug=all in the jboss JAVA_OPTS setting of run.bat to
see the full details of why the handshake fails.
OK, with debugging on, some interesting output is given:
| (15:31:44,233 INFO [STDOUT] http-0.0.0.0-8443-2, called closeSocket()
| 15:31:44,233 INFO [STDOUT] http-0.0.0.0-8443-2, handling exception:
javax.net.s
| sl.SSLHandshakeException: no cipher suites in common
| 15:31:44,233 INFO [STDOUT] http-0.0.0.0-8443-2, called close()
| 15:31:44,233 INFO [STDOUT] http-0.0.0.0-8443-2, called closeInternal(true)
| 15:31:44,233 INFO [STDOUT] 242
| 15:31:44,233 INFO [STDOUT] }
| 15:31:44,233 INFO [STDOUT] Session ID:
| 15:31:44,233 INFO [STDOUT] {}
| 15:31:44,233 INFO [STDOUT] Cipher Suites:
[TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TL
| S_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_A
| ES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5,
SSL_
| RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CB
| C_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SS
| L_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA,
SSL_DHE_DSS_WITH_DES_
| CBC_SHA, SSL_RSA_FIPS_WITH_DES_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA,
SSL_RSA_EXPORT
| 1024_WITH_RC4_56_SHA, SSL_RSA_EXPORT1024_WITH_DES_CBC_SHA,
SSL_RSA_EXPORT_WITH_R
| C4_40_MD5, SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5]
| 15:31:44,613 INFO [STDOUT] Compression Methods: {
| 15:31:44,613 INFO [STDOUT] 0
| 15:31:44,613 INFO [STDOUT] }
| 15:31:44,613 INFO [STDOUT] ***
| 15:31:44,613 INFO [STDOUT] http-0.0.0.0-8443-4
| 15:31:44,613 INFO [STDOUT] , SEND SSLv3 ALERT:
| 15:31:44,613 INFO [STDOUT] fatal,
| 15:31:44,613 INFO [STDOUT] description = handshake_failure
| 15:31:44,613 INFO [STDOUT] http-0.0.0.0-8443-4, WRITE: SSLv3 Alert, length
= 2
| 15:31:44,613 INFO [STDOUT] [Raw write]: length = 7
|
It's not particularly helpful to me but perhaps it means something to you?
Thanks again!
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3946340#3946340
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3946340
-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
