by James Jones [jbjones at chapman dot edu] posted on 2004/10/18

Here are parts of the prior thread, in hopes of finding someone who has implemented this before: having a Java SSLSocket server talk to a mentalis.org SSLSocket client. So far I can't get past the "no cipher suites in common" error when calling in.readLine(). Read below:
I've started from scratch, creating a new certificate with the keytool as well as generating the corresponding .p12 cert, and taking your code exactly, pasting it into new projects, and running them against one another. I also have Java 1.4.2 and .NET Framework 1.1. Here's the majority of the relevant code:
(JAVA SERVER CODE)
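import java.io.*;
import java.net.*;
import java.security.KeyStore;
import javax.net.ServerSocketFactory;
import javax.net.ssl.*;

public class SslServerTest {
    public static void main(String[] args) throws Exception {
        String cert = "C:\\Documents and Settings\\jbjones\\.keystore";
        String pass = "*****";
        int port = 10116;
        // Load the JKS keystore created with keytool
        KeyStore ks = KeyStore.getInstance("JKS");
        ks.load(new FileInputStream(cert), pass.toCharArray());
        // Key managers supply the server's private key and certificate
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, pass.toCharArray());
        KeyManager[] km = kmf.getKeyManagers();
        // Trust managers are built from the same keystore
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        TrustManager[] tm = tmf.getTrustManagers();
        SSLContext sslc = SSLContext.getInstance("TLS");
        sslc.init(km, tm, null);
        ServerSocketFactory ssf = sslc.getServerSocketFactory();
        ServerSocket ss = ssf.createServerSocket(port);
        Socket tester = ss.accept();
        BufferedReader in = new BufferedReader(new InputStreamReader(tester.getInputStream()));
        BufferedOutputStream outStream = new BufferedOutputStream(tester.getOutputStream());
        PrintStream outPrint = new PrintStream(outStream);
        String line;
        // read input (the SSL handshake is performed on this first read)
        line = in.readLine();
    }
}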
NOTE: The exception occurs when calling in.readLine(): "SSLHandshakeException: no cipher suites in common"
(C# CLIENT CODE)
IPHostEntry ipHostInfo = Dns.Resolve(ip);
IPAddress ipAddress = ipHostInfo.AddressList[0];
IPEndPoint remoteEP = new IPEndPoint(ipAddress, port);
Certificate ssl = LoadPfxFile("c:\\testcert.p12", "ch4pm4n");//LoadCerFile("c:\\testcert.cer");
SecurityOptions security;// = new SecurityOptions(SecureProtocol.Ssl3 | SecureProtocol.Tls1, ssl, ConnectionEnd.Client);
security = new SecurityOptions(SecureProtocol.Tls1);
security.AllowedAlgorithms = SslAlgorithms.ALL;
security.Entity = ConnectionEnd.Client;
security.VerificationType = CredentialVerification.None;
security.Flags = SecurityFlags.Default;
security.Certificate = ssl;
//Create a TCP/IP socket
SecureSocket client = new SecureSocket(AddressFamily.InterNetwork,
SocketType.Stream, ProtocolType.Tcp, security);
// Connect to the remote endpoint
client.BeginConnect(remoteEP, new AsyncCallback(ConnectCallback), client);
connectDone.WaitOne(connectTimeout, true);
// Send data to the remote device
Send(client, request + "\n");
sendDone.WaitOne(sendTimeout, true);
The C# client successfully sends the message. The Java server throws the "no cipher suites in common".
Any ideas?
Thanks for your help,
Jim

by Chris Mullins [cmullins at winfessor dot com] posted on 2004/11/24

We had this problem quite some time ago, when testing some interop between our .NET application and a Java application.
The problem (after several days of hair-pulling) turned out to be the method by which the Java certificate was created.
When we used the certificate provided by the vendor, our app would report "no ciphers in common". When we built a certificate using the standard tools, and used it, everything was fine.
The vendor looked at this for a while, couldn't make heads or tails of why this was happening, and switched to a different certificate generation mechanism.
--
Chris Mullins
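
Added example, not part of either post: a Java check (written for a current JDK) for one way a certificate's creation method can lead to "no cipher suites in common", namely a key algorithm that the offered suites cannot use; keytool's -genkey in Java releases of that period creates a DSA key unless -keyalg RSA is given. The class name, the name-based mapping in requiredKeyAlg and the constructed sample suite list are assumptions for illustration, and the thread does not confirm which key type was involved.

```java
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.*;
import javax.net.ssl.SSLContext;
public class CipherSuiteKeyCheck {
    // Constructed sample suite list, used only when no keystore is given.
    static final String[] SAMPLE = {
        "SSL_RSA_WITH_RC4_128_MD5", "TLS_RSA_WITH_AES_128_CBC_SHA",
        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
        "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" };
    // Heuristic (assumption): read the certificate key type a suite needs from its name.
    static String requiredKeyAlg(String suite) {
        if (suite.endsWith("_SCSV") || suite.contains("_anon_")) return "none";
        if (!suite.contains("_WITH_")) return "any";      // TLS 1.3 names carry no auth part
        if (suite.contains("_ECDSA_") || suite.contains("_ECDH_")) return "EC";
        if (suite.contains("_DSS_")) return "DSA";
        if (suite.contains("_RSA_")) return "RSA";
        return "other";                                    // e.g. Kerberos or PSK suites
    }
    // Suites from the list that a server holding a key of type keyAlg can negotiate.
    static List<String> usable(String keyAlg, String[] suites) {
        List<String> out = new ArrayList<>();
        for (String s : suites) {
            String need = requiredKeyAlg(s);
            if (need.equals(keyAlg) || need.equals("any")) out.add(s);
        }
        return out;
    }
    // Arguments: keystore path, keystore password, optional keystore type (default JKS).
    public static void main(String[] args) throws Exception {
        if (args.length < 2) {                             // no keystore: show the constructed sample
            System.out.println("DSA key: " + usable("DSA", SAMPLE));
            System.out.println("RSA key: " + usable("RSA", SAMPLE));
            return;
        }
        KeyStore ks = KeyStore.getInstance(args.length > 2 ? args[2] : "JKS");
        try (FileInputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[1].toCharArray());
        }
        String[] enabled = SSLContext.getDefault().getDefaultSSLParameters().getCipherSuites();
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (!ks.isKeyEntry(alias) || c == null) continue;
            String alg = c.getPublicKey().getAlgorithm();
            System.out.println(alias + ": " + alg + " key -> " + usable(alg, enabled));
        }
    }
}
```

If the list printed for the server's key shares no entry with the suites the client offers, the handshake has nothing to agree on, whatever protocol versions are enabled.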