Solved -- the problem was that I had created a fresh keystore containing only the certificates (and no key), instead of adding the certificates to the original keystore containing the key from which I generated the certificate signing request. I tracked down the original keystore file containing the key from which I generated the certificate signing request, and then added the certificates to that file. That made it work like a charm.
On Tue, Feb 1, 2011 at 1:01 PM, agks mehx <[email protected]> wrote: > Before installing an SSL certificate I could successfully send test emails > using Thunderbird (even though Thunderbird would warn me about there being > no certificate). > > After installing an SSL certificate (from Go Daddy), I started getting > ssl_error_no_cypher_overlap. Any suggestions? > > I am running on Amazon EC2 and Java was installed from yum repositories or > pre-installed rather than the full JDK coming from Sun/Oracle. May be the > installed JDK does not have the JSSE components? But this was working fine > before installing the certificates so that is not consistent with this > hypothesis. > > Here is how I imported the certificates. > > keytool -import -alias root -keystore james.keystore -trustcacerts -file > gd-class2-root.crt > keytool -import -alias cross -keystore james.keystore -trustcacerts -file > gd_cross_intermediate.crt > keytool -import -alias intermed -keystore james.keystore -trustcacerts > -file gd_intermediate.crt > keytool -import -alias james -keystore james.keystore -trustcacerts -file > smtp.myhostname.com.crt > >
