Most is illegal argument Exception: TLSV1 as below: [09:16:20] WARN [org.apache.mina.util.DefaultExceptionMonitor] - Unexpected exception. org.apache.mina.core.filterchain.IoFilterLifeCycleException: onPreAdd(): sslFilter:SslFilter in (0x00000006: nio socket, server, /192.168.1.102:50073 => /192.168.1.82:10636) at org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:383) at org.apache.mina.core.filterchain.DefaultIoFilterChain.addLast(DefaultIoFilterChain.java:189) at org.apache.mina.core.filterchain.DefaultIoFilterChainBuilder.buildFilterChain(DefaultIoFilterChainBuilder.java:436) at org.apache.mina.core.polling.AbstractPollingIoProcessor.addNow(AbstractPollingIoProcessor.java:532) at org.apache.mina.core.polling.AbstractPollingIoProcessor.handleNewSessions(AbstractPollingIoProcessor.java:505) at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$400(AbstractPollingIoProcessor.java:67) at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1113) at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.IllegalArgumentException: TLSV1 at sun.security.ssl.ProtocolVersion.valueOf(ProtocolVersion.java:187) at sun.security.ssl.ProtocolList.convert(ProtocolList.java:84) at sun.security.ssl.ProtocolList.<init>(ProtocolList.java:52) at sun.security.ssl.SSLEngineImpl.setEnabledProtocols(SSLEngineImpl.java:2081) at org.apache.mina.filter.ssl.SslHandler.init(SslHandler.java:176) at org.apache.mina.filter.ssl.SslFilter.onPreAdd(SslFilter.java:426) at org.apache.mina.core.filterchain.DefaultIoFilterChain.register(DefaultIoFilterChain.java:381) ... 10 more
On Sun, Aug 9, 2015 at 6:57 PM, Kiran Ayyagari <[email protected]> wrote: > On Sun, Aug 9, 2015 at 6:47 PM, jeffty <[email protected]> wrote: > > > openjdk version "1.8.0_51" > > OpenJDK Runtime Environment (build 1.8.0_51-b16) > > OpenJDK 64-Bit Server VM (build 25.51-b03, mixed mode) > > > ok, this should work, are there any errors in the server log? > > > > > -----Original Message----- > > From: Kiran Ayyagari [mailto:[email protected]] > > Sent: Sunday, August 09, 2015 6:46 PM > > To: [email protected] > > Subject: Re: Enable TLSv1 in ApacheDS lead to Timeout Error > > > > On Sun, Aug 9, 2015 at 6:44 PM, jeffty <[email protected]> wrote: > > > > > Thanks Kiran. > > > > > > Enable LDAPS Server option is checked and login is OK (when TLSv1 is > > > not enabled and Encryption method is Use SSL encryption ldaps://). > > > > > > After enable TLSv1 protocol, I change the Encryption method to Use > > > StartTLS extension and still got PROTOCOL_ERROR. > > > > > on which java version the server is running? > > > > > > > > See attached screenshot error_authenticate.jpg and connect_test.png > > > > > > Thanks. > > > > > > On Sun, Aug 9, 2015 at 6:06 PM, Kiran Ayyagari <[email protected]> > > > wrote: > > > > > >> On Sun, Aug 9, 2015 at 4:48 PM, jeffty <[email protected]> > wrote: > > >> > > >> > Hi All, > > >> > > > >> > > > >> > > > >> > I’ve enabled TLSv1 in ApacheDS, after restart the service I got a > > >> timeout > > >> > error and fail to login again. > > >> > > > >> > In Apache Directory Studio network Parameter, encryption method is > > >> > Use > > >> SSL > > >> > encryption(ldaps://) and > > >> > > > >> two things: > > >> 1. ldaps:// only works when the "Enable LDAPS Server" option is > > >> checked in the config editor 2. you can still connect securely > > >> without enabling the above option by using "Use StartTLS Extension" > > >> option for the "Encryption method" on "Network Parameter" tab in > > >> Studio. > > >> > > >> > > >> > provider is Apache Directory LDAP Client API. > > >> > > > >> > And in Authentication the authentication method is Simple > > >> Authentication. > > >> > > > >> > > > >> > > > >> > Below is my environment: > > >> > > > >> > ApacheDS: apacheds-2.0.0-M20-x86_64 > > >> > > > >> > Directory Studio: > > >> > ApacheDirectoryStudio-2.0.0.v20150606-M9-win32.x86_64 > > >> > > > >> > OS: CentOS6.6 > > >> > > > >> > > > >> > > > >> > I haven’t found any clues in apache ds website and no related > > >> > articles found by google either. > > >> > > > >> > Is there any guidance for login ds with TLSv1 enabled ? Thanks a > lot. > > >> > > > >> > Jason > > >> > > > >> > > >> > > >> > > >> -- > > >> Kiran Ayyagari > > >> http://keydap.com > > >> > > > > > > > > > > > > -- > > Kiran Ayyagari > > http://keydap.com > > > > > > > -- > Kiran Ayyagari > http://keydap.com >
