Saturday, 26 March 2016

"javax.net.ssl.SSLHandshakeException: no cipher suites in common" seen in WebSphere Application Server Node Agent logs

Following hot on the heels from my last post: -


I started seeing: -

[26/03/16 15:38:45:206 GMT] 00000048 SSLHandshakeE E   SSLC0008E: Unable to initialize SSL connection.  Unauthorized access was denied or security settings have expired.  Exception is javax.net.ssl.SSLHandshakeException: no cipher suites in common
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
[26/03/16 15:41:13:771 GMT] 00000075 ORBRas        E com.ibm.ws.security.orbssl.WSSSLClientSocketFactoryImpl createSSLSocket ProcessDiscovery : 0 JSSL0080E: javax.net.ssl.SSLHandshakeException - The client and server could not negotiate the desired level of security.  Reason: Received fatal alert: handshake_failure javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

in the SystemOut.log of the Node Agent.

The solution was, thankfully, the same; I updated the node-level ssl.client.props : -

vi /opt/IBM/WebSphere/AppServer/profiles/AppSrv01/properties/ssl.client.props 

and adding: -

com.ibm.ssl.enabledCipherSuites=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384


at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...