>> "javax.net.ssl.SSLHandshakeException: no cipher suites in common"
This error log seems to indicate a mismatch between the list of SSL
Cipher suites that the server supports and the list of SSL Cipher
suites that the client supports.
You can control the supported cipher suites in MINA by doing the following.
SSLFilter.setEnabledCipherSuites(String[]);
Example:
SSLFilter.setEnabledCipherSuites(new String[] {
"SSL_RSA_EXPORT_WITH_RC4_40_MD5"
, "SSL_RSA_WITH_RC4_128_MD5"
});
-Srikanth
On 6/23/06, class acts <[EMAIL PROTECTED]> wrote:
> Hi Trustin,
>
> I'm using Mina 0.9.4. When trying to run ConnectorTest.java I
> have the following problem: .Using port 1 for testing.
> * Without localAddress
> log4j:WARN No appenders could be found for logger
> (ConnectorTest$EchoConnectorHandler).
> log4j:WARN Please initialize the log4j system properly.
> * With localAddress
> .Using port 1 for testing.
> * Without localAddress
> javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed.
> at
org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:421)
> at
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:501)
> at
org.apache.mina.common.support.AbstractIoFilterChain.access$5(AbstractIoFilterChain.java:495)
> at
org.apache.mina.common.support.AbstractIoFilterChain$1.messageReceived(AbstractIoFilterChain.java:787)
> at
org.apache.mina.common.support.AbstractIoFilterChain$2.messageReceived(AbstractIoFilterChain.java:110)
> at
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:501)
> at
org.apache.mina.common.support.AbstractIoFilterChain.messageReceived(AbstractIoFilterChain.java:492)
> at
org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:284)
> at
org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:244)
> at
org.apache.mina.transport.socket.nio.SocketIoProcessor.access$4(SocketIoProcessor.java:233)
> at
org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:565)
> Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
> at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(Unknown
Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(Unknown
Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(Unknown Source)
> at javax.net.ssl.SSLEngine.wrap(Unknown Source)
> at
org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:518)
> at
org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:291)
> at
org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:389)
> ... 10 more
> Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
> at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> at
com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(Unknown
> Source)
> at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(Unknown
Source)
> at
com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
> at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Unknown Source)
> at java.security.AccessController.doPrivileged(Native Method)
> at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Unknown
Source)
> at
org.apache.mina.filter.support.SSLHandler.doTasks(SSLHandler.java:745)
> at
org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:483)
> ... 12 more
> javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed.
> at
org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:421)
> at
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:501)
> at
org.apache.mina.common.support.AbstractIoFilterChain.access$5(AbstractIoFilterChain.java:495)
> at
org.apache.mina.common.support.AbstractIoFilterChain$1.messageReceived(AbstractIoFilterChain.java:787)
> at
org.apache.mina.filter.ThreadPoolFilter.processEvent(ThreadPoolFilter.java:718)
> at
org.apache.mina.filter.ThreadPoolFilter$Worker.processEvents(ThreadPoolFilter.java:475)
> at
org.apache.mina.filter.ThreadPoolFilter$Worker.run(ThreadPoolFilter.java:429)
> Caused by: javax.net.ssl.SSLException: Received fatal alert: handshake_failure
> at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(Unknown
Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(Unknown
Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(Unknown
Source)
> at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(Unknown Source)
> at javax.net.ssl.SSLEngine.unwrap(Unknown Source)
> at
org.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:675)
> at
org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:492)
> at
org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:291)
> at
org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:389)
> ... 6 more
>
>
> I also tried passing: -Djavax.net.ssl.trustStore=bogus.cert
> -Djavax.net.ssl.trustStorePassword=boguspw when running the
> ConnectorTest and -Djavax.net.ssl.keyStore=bogus.cert
> -Djavax.net.ssl.keyStorePassword=boguspw when running the EchoServer
> example.
>
> I have also upgraded my JCE or JSSE (forget which) to the unlimited
> strength one as distributed on Sun's site for JDK 1.5.
>
> Thanks for your assistance.
>
>
> On 6/23/06, Trustin Lee <[EMAIL PROTECTED]> wrote:
> > Hello class acts,
> >
> > On 6/23/06, class acts <[EMAIL PROTECTED]> wrote:
> > >
> > > Well, I've spent countless hours trying to get this to work. I've
> > > managed to connect a client application with my server using
> > > SSLFilter, there doesn't seem to be any errors with connecting or
> > > sending data from the client to the server. However, I ran into a
> > > strange problem that I think may have to do with filters. It seems
> > > that my client application can send messages to the server without any
> > > problem, but as soon as the server sends messages back to the client,
> > > the server locks up (usually on the second message sent). Here is the
> > > stack trace:
> > >
> > > Thread [AnonymousIoService-6-4] (Suspended)
> > >
> > >
ProtocolCodecFilter$ProtocolEncoderOutputImpl(SimpleProtocolEncoderOutput).write(ByteBuffer)
> > > line: 32
> > > MyPacketEncoder.encode(IoSession, Object, ProtocolEncoderOutput)
> > > line: 104
> > > ProtocolCodecFilter.filterWrite(IoFilter$NextFilter, IoSession,
> > > IoFilter$WriteRequest) line: 226
> > >
> > >
SocketFilterChain(AbstractIoFilterChain).callPreviousFilterWrite(IoFilterChain$Entry,
> > > IoSession, IoFilter$WriteRequest) line: 583
> > > AbstractIoFilterChain.access$7(AbstractIoFilterChain,
> > > IoFilterChain$Entry, IoSession, IoFilter$WriteRequest) line: 577
> > > AbstractIoFilterChain$1.filterWrite(IoSession,
> > > IoFilter$WriteRequest) line: 799
> > > AbstractIoFilterChain$3.filterWrite(IoFilter$NextFilter,
> > > IoSession,
> > > IoFilter$WriteRequest) line: 212
> > >
> > >
SocketFilterChain(AbstractIoFilterChain).callPreviousFilterWrite(IoFilterChain$Entry,
> > > IoSession, IoFilter$WriteRequest) line: 583
> > > SocketFilterChain(AbstractIoFilterChain).filterWrite(IoSession,
> > > IoFilter$WriteRequest) line: 574
> > > SocketSessionImpl.write0(IoFilter$WriteRequest) line: 176
> > > SocketSessionImpl(BaseIoSession).write(Object) line: 136
> > > MyClient.write(String) line: 68
> > > MyPacketHandler.sendAccountInfo(MyClient) line: 1081
> > > MyPacketHandler.processPacket(MyClient, GenuFXPacket) line: 153
> > > MyIoHandler.messageReceived(IoSession, Object) line: 79
> > > AbstractIoFilterChain$3.messageReceived(IoFilter$NextFilter,
> > > IoSession, Object) line: 188
> > >
> > >
SocketFilterChain(AbstractIoFilterChain).callNextMessageReceived(IoFilterChain$Entry,
> > > IoSession, Object) line: 501
> > > AbstractIoFilterChain.access$5(AbstractIoFilterChain,
> > > IoFilterChain$Entry, IoSession, Object) line: 495
> > > AbstractIoFilterChain$1.messageReceived(IoSession, Object) line:
> > > 787
> > > ProtocolCodecFilter.messageReceived(IoFilter$NextFilter,
> > > IoSession,
> > > Object) line: 187
> > >
> > >
SocketFilterChain(AbstractIoFilterChain).callNextMessageReceived(IoFilterChain$Entry,
> > > IoSession, Object) line: 501
> > > AbstractIoFilterChain.access$5(AbstractIoFilterChain,
> > > IoFilterChain$Entry, IoSession, Object) line: 495
> > > AbstractIoFilterChain$1.messageReceived(IoSession, Object) line:
> > > 787
> > > SSLFilter.handleAppDataRead(IoFilter$NextFilter, SSLHandler) line:
> > > 623
> > > SSLFilter.handleSSLData(IoFilter$NextFilter, SSLHandler) line: 601
> > > SSLFilter.messageReceived(IoFilter$NextFilter, IoSession, Object)
> > > line: 392
> > >
> > >
SocketFilterChain(AbstractIoFilterChain).callNextMessageReceived(IoFilterChain$Entry,
> > > IoSession, Object) line: 501
> > > AbstractIoFilterChain.access$5(AbstractIoFilterChain,
> > > IoFilterChain$Entry, IoSession, Object) line: 495
> > > AbstractIoFilterChain$1.messageReceived(IoSession, Object) line:
> > > 787
> > > ThreadPoolFilter.processEvent(IoFilter$NextFilter, IoSession,
> > > ThreadPoolFilter$EventType, Object) line: 718
> > >
ThreadPoolFilter$Worker.processEvents(ThreadPoolFilter$SessionBuffer)
> > > line: 475
> > > ThreadPoolFilter$Worker.run() line: 429
> > >
> > >
> > > So it seems that it's getting stuck on the Queue.push(Object) call.
> > > Afaik, there is no thread dead-locking, it's just sitting there. The
> > > first message always goes out without any problem, but the second call
> > > to IoSession.write() fails. The exact same code without the SSLFilter
> > > added, works 100% of the time without any problem.
> >
> >
> > I'm sorry to hear that you've spent a lot of time. Can I know which version
> > of MINA you're using exactly first?
> >
> > Also, to see if the same thing occurs in the example program
> > > EchoServer, I tried to write an EchoClient program that can connect to
> > > it. I created the bogus.cert just like in the comments in the
> > > BogusSSLContextFactory class, I run the EchoServer but I get this
> > > stack trace in the server when the client connects:
> > >
> > > javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed.
> > > at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java
> > > :421)
> > > at
> > >
org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived
> > > (AbstractIoFilterChain.java:501)
> > > at org.apache.mina.common.support.AbstractIoFilterChain.access$5(
> > > AbstractIoFilterChain.java:495)
> > > at
> > > org.apache.mina.common.support.AbstractIoFilterChain$1.messageReceived(
> > > AbstractIoFilterChain.java:787)
> > > at org.apache.mina.filter.ThreadPoolFilter.processEvent(
> > > ThreadPoolFilter.java:718)
> > > at org.apache.mina.filter.ThreadPoolFilter$Worker.processEvents(
> > > ThreadPoolFilter.java:475)
> > > at org.apache.mina.filter.ThreadPoolFilter$Worker.run(
> > > ThreadPoolFilter.java:429)
> > > Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
> > > at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Unknown
> > > Source)
> > > at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(Unknown
> > > Source)
> > > at
com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(Unknown
> > > Source)
> > > at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(Unknown Source)
> > > at javax.net.ssl.SSLEngine.wrap(Unknown Source)
> > > at org.apache.mina.filter.support.SSLHandler.handshake(
> > > SSLHandler.java:518)
> > > at org.apache.mina.filter.support.SSLHandler.messageReceived(
> > > SSLHandler.java:291)
> > > at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java
> > > :389)
> > > ... 6 more
> > > Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
> > > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown
> > > Source)
> > > at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(Unknown
> > > Source)
> > > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> > > at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
> > > at com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite
> > > (Unknown
> > > Source)
> > > at
com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(Unknown
> > > Source)
> > > at
com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(Unknown
> > > Source)
> > > at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown
> > > Source)
> > > at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Unknown Source)
> > > at java.security.AccessController.doPrivileged(Native Method)
> > > at
com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Unknown
> > > Source)
> > > at org.apache.mina.filter.support.SSLHandler.doTasks(
> > > SSLHandler.java:745)
> > > at org.apache.mina.filter.support.SSLHandler.handshake(
> > > SSLHandler.java:483)
> > > ... 8 more
> > >
> > >
> > > I've attached the client code:
> > >
> > > import javax.net.ssl.SSLContext;
> > > import javax.net.ssl.SSLSocket;
> > >
> > > import ssl.BogusSSLContextFactory;
> > >
> > > import java.io.*;
> > >
> > > public class MinaEchoClient {
> > >
> > > public static void main(String[] arstring) {
> > > try {
> > > SSLContext sc =
BogusSSLContextFactory.getInstance(
> > > false );
> > >
> > > SSLSocket sslsocket = (SSLSocket)
> > > sc.getSocketFactory()
> > > .createSocket("127.0.0.1", 8080);
> > >
> > > InputStream inputstream = System.in;
> > > InputStreamReader inputstreamreader = new
> > > InputStreamReader(
> > > inputstream);
> > > BufferedReader bufferedreader = new
> > > BufferedReader(
> > > inputstreamreader);
> > >
> > > OutputStream outputstream =
> > > sslsocket.getOutputStream();
> > > OutputStreamWriter outputstreamwriter = new
> > > OutputStreamWriter(
> > > outputstream);
> > > BufferedWriter bufferedwriter = new
> > > BufferedWriter(
> > > outputstreamwriter);
> > >
> > > String string = null;
> > > while ((string = bufferedreader.readLine()) !=
> > > null) {
> > > bufferedwriter.write(string + '\n');
> > > bufferedwriter.flush();
> > > }
> > > } catch (Exception exception) {
> > > exception.printStackTrace();
> > > }
> > > }
> > > }
> >
> >
> > I don't know why, but please take a look at our ConnectorTest.java test case
> > which is included in examples package. Is is working fine.
> >
> > Trustin
> > --
> > what we call human nature is actually human habit
> > --
> > http://gleamynode.net/
> > --
> > PGP key fingerprints:
> > * E167 E6AF E73A CBCE EE41 4A29 544D DE48 FE95 4E7E
> > * B693 628E 6047 4F8F CFA4 455E 1C62 A7DC 0255 ECA6
> >
> >
>
