glassfish
  1. glassfish
  2. GLASSFISH-15973

keystore / trust-store per ssl listener not working

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 3.1_b41
    • Fix Version/s: None
    • Component/s: web_container
    • Labels:
      None

      Description

      I tried to configure keystore/truststore per ssl listener as described in GLASSFISH-657

      <protocol security-enabled="true" name="http-listener-2">
      <http default-virtual-server="server">
      <file-cache></file-cache>
      </http>
      <ssl key-store="mystore.jks" ssl3-enabled="false" classname="com.sun.enterprise.security.ssl.GlassfishSSLImpl" trust-store="mytrust.jks" cert-nickname="mynick"></ssl>
      </protocol>

      tested with absolute path and file name only, both result in the following exception.
      I checked that files and nickname exists. Am I missing something else here?

      GRIZZLY0007: SSL support could not be configured!
      java.io.IOException: SSL configuration is invalid due to No available certificate or key corresponds to the SSL cipher suites which are enabled.
      at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.checkConfig(JSSE14SocketFactory.java:455)
      at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.init(JSSE14SocketFactory.java:183)
      at com.sun.grizzly.config.SSLConfigHolder.initializeSSL(SSLConfigHolder.java:361)
      at com.sun.grizzly.config.SSLConfigHolder.configureSSL(SSLConfigHolder.java:237)
      at com.sun.grizzly.config.GrizzlyEmbeddedHttps$LazySSLInitializationFilter.execute(GrizzlyEmbeddedHttps.java:202)
      at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
      at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
      at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
      at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
      at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
      at java.lang.Thread.run(Thread.java:662)
      Caused by: javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.
      at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.checkEnabledSuites(SSLServerSocketImpl.java:310)
      at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(SSLServerSocketImpl.java:255)
      at com.sun.grizzly.util.net.jsse.JSSE14SocketFactory.checkConfig(JSSE14SocketFactory.java:451)
      ... 14 more

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            kumarjayanti
            Reporter:
            schaarsc
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: