Problem with SSL configuration in JBoss


(Muhammad Safwan P) #1

Creation of Certificate Authority and Server Certificates using OpenSSL and Java keystores
Create the Certificate Authority:

Generate CA key pair: openssl genrsa -aes256 -out ..\xyz_ca\private\ca.key.pem 4096
Verify CA password: openssl rsa -in ..\xyz_ca\private\ca.key.pem
Generate CA root certificate: openssl req -new -x509 -days 3650 -key ..\xyz_ca\private\ca.key.pem -sha256 -extensions v3_ca -out ..\xyz_ca\cacert\ca.cert.pem 

Create the server certificate

Generate server key pair: keytool -keystore server.jks -genkey -alias server. 
Create certificate signing request (CSR): keytool -keystore server.jks -certreq -alias server -keyalg rsa -file localhost.csr 

Sign a CSR (note that various defaults have been added to openssl.cfg)

openssl ca -extensions usr_cert -notext -md sha256 -policy policy_anything -in ..\xyz_ca\certs\localhost.csr -out ..\xyz_ca\certs\localhost.pem 

Import the CA certificate

keytool -keystore server.jks -importcert -trustcacerts -alias root -file "\Program Files\OpenSSL-Win64\xyz_ca\cacert\ca.cert.pem" 

Import the signed certificate

keytool -keystore server.jks -importcert -alias server -file "\Program Files\OpenSSL-Win64\xyz_ca\certs\localhost.pem" 

Adding key to JBoss

**Finally getting an error like**

In Firefox
.....
06:36:34,325 INFO [stdout] (http-/0.0.0.0:8443-2) %% Initialized: [Session-11, SSL_NULL_WITH_NULL_NULL]
06:36:34,326 INFO [stdout] (http-/0.0.0.0:8443-2) %% Invalidated: [Session-11, SSL_NULL_WITH_NULL_NULL]
06:36:34,326 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, SEND TLSv1 ALERT: fatal, description = handshake_failure
06:36:34,326 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, WRITE: TLSv1 Alert, length = 2
06:36:34,326 INFO [stdout] (http-/0.0.0.0:8443-2) [Raw write]: length = 7
06:36:34,328 INFO [stdout] (http-/0.0.0.0:8443-2) 0000: 15 03 01 00 02 02 28 ......(
06:36:34,343 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, called closeSocket()
06:36:34,344 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
06:36:34,345 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, IOException in getSession(): javax.net.ssl.SSLHandshakeException: no cipher suites in common
06:36:34,345 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, called close()
06:36:34,345 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, called closeInternal(true)

In IE

06:46:12,596 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, received EOFException: error
06:46:12,596 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
06:46:12,596 INFO [stdout] (http-/0.0.0.0:8443-2) %% Invalidated: [Session-12, TLS_DHE_DSS_WITH_AES_128_CBC_SHA]
06:46:12,596 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, SEND TLSv1 ALERT: fatal, description = handshake_failure
06:46:12,596 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, WRITE: TLSv1 Alert, length = 2
06:46:12,596 INFO [stdout] (http-/0.0.0.0:8443-2) [Raw write]: length = 7
06:46:12,597 INFO [stdout] (http-/0.0.0.0:8443-2) 0000: 15 03 01 00 02 02 28 ......(
06:46:12,597 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, called closeSocket()
06:46:12,597 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, IOException in getSession(): javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
06:46:12,597 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, called close()
06:46:12,597 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, called closeInternal(true)

Please help me to rectify this.
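A small parser for the `javax.net.debug` output in post #1, added here as an illustration and not part of the original thread: it extracts the session cipher suites and handshake exceptions, and flags that a `*_DSS_*` suite (as in the IE excerpt) can only be negotiated when the server key is DSA. The function names are hypothetical, and the sample lines are copied from the log excerpts in the post.

```python
import re

# Sample input: five lines taken from the two log excerpts in post #1.
SAMPLE_LOG = """\
06:36:34,325 INFO [stdout] (http-/0.0.0.0:8443-2) %% Initialized: [Session-11, SSL_NULL_WITH_NULL_NULL]
06:36:34,326 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, SEND TLSv1 ALERT: fatal, description = handshake_failure
06:36:34,343 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
06:46:12,596 INFO [stdout] (http-/0.0.0.0:8443-2) http-/0.0.0.0:8443-2, handling exception: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
06:46:12,596 INFO [stdout] (http-/0.0.0.0:8443-2) %% Invalidated: [Session-12, TLS_DHE_DSS_WITH_AES_128_CBC_SHA]
"""

SESSION = re.compile(r"%% (?:Initialized|Invalidated):\s+\[(Session-\d+), (\w+)\]")
EXCEPTION = re.compile(r"handling exception: [\w.]+Exception: (.+)$")

def server_auth(suite):
    """Return the server key type implied by a pre-TLS-1.3 suite name, or None."""
    m = re.match(r"(?:TLS|SSL)_(\w+?)_WITH_", suite)
    if not m or m.group(1) == "NULL":
        return None                       # SSL_NULL_WITH_NULL_NULL: nothing negotiated
    parts = m.group(1).split("_")         # e.g. ["DHE", "DSS"] or ["RSA"]
    if "anon" in parts:
        return "anonymous"
    auth = parts[-1]                      # last token names the authentication algorithm
    return {"DSS": "DSA"}.get(auth, auth)

def diagnose(log_text):
    """Collect suites per session and handshake exceptions, then derive hints."""
    sessions, errors, hints = {}, [], []
    for line in log_text.splitlines():
        if (m := SESSION.search(line)):
            sessions[m.group(1)] = m.group(2)
        elif (m := EXCEPTION.search(line)):
            errors.append(m.group(1).strip())
    key_types = {server_auth(s) for s in sessions.values()} - {None}
    if "DSA" in key_types:
        hints.append("server key type is DSA: only *_DSS_* suites can be negotiated")
    if "no cipher suites in common" in errors:
        hints.append("a client offered no suite the server can use with its key and enabled suites")
    return {"sessions": sessions, "errors": errors, "hints": hints}

if __name__ == "__main__":
    for hint in diagnose(SAMPLE_LOG)["hints"]:
        print("hint:", hint)
```

When the DSA hint appears, `keytool -list -v -keystore server.jks` shows the certificate details stored under the `server` alias, including its signature algorithm.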


(Mark Walkom) #2

I don't know jboss, but what does this have to do with ES?


(system) #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.