SSL certificate error - no cipher suites in common

Using an SSL certificate issued by Comodo, I get this error

[2015-08-13 09:10:41,902][WARN ][shield.transport.netty   ] [-es-1] exception caught on transport layer [[id: 0xcc16773e, / => /]], closing connection no cipher suites in common

I used the procedure as described here.

  keytool -importcert -keystore test2.jks -file domain.com_2015.crt

Any idea on how to fix the cipher suites?
Best regards,

Is this a free cert or one you paid for? Also how did you generate your key & CSR? Did you use the command here:

keytool -certreq                   \
        -alias      node01         \ 
        -keystore   node01.jks     \
        -file       node01.csr     \
        -keyalg     rsa            \

That exception can be very misleading as it more commonly has to do with an issue in the keystore setup rather than there being no cipher suites in common on both sides.

Can you provide the output of keytool -list -v -keystore test2.jks and can you also see what gets output if you use openssl s_client -connect

Thanks Mike and Jay.
I suspect there is something wrong with the certificate. Will look closer on it next week.

It got it working after receiving a new certficate, with the full chain.


I am receiving quite similar exception like Christopher.

[2015-11-01 16:01:15,324][WARN ][shield.transport.netty ] [node01] Caught exception while handling client http traffic, closing connection [id: 0x5479d43a, / => /] no cipher suites in common
Caused by: no cipher suites in common
And downsomewhere in the trace i have the following exception:
Caused by: Client requested protocol SSLv3 not enabled or not supported

when I run the following curl command
curl -u es_admin -XGET ''

Output is:
Enter host password for user 'es_admin': (I Provide the correct password)
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake fail

Output for: openssl s_client -connect
139800579409568:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:762:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 317 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE

It seems like there's something wrong with the certificate only. I created my own CA anf followed steps on:

Please start your own thread.

Done. Thanks for correcting me. I thought it would be ok if I would share my similar problem here.