000020579 - ?No available certificate corresponds to the SSL cipher suites which are enabled? ? error starting Dispatcher/KeyServer component.

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020579
Applies ToClearTrust 5.5.3
OpenSSL
Microsoft Windows 2003 SP1
Issue?No available certificate corresponds to the SSL cipher suites which are enabled? ? error starting Dispatcher/KeyServer component.

Configuring ClearTrust to use OpenSSL for inter-component communications. OpenSSL is used to generate PKCS#12 file (KeyStore). When starting Dispatcher/KeyServer the following exception is thrown:

 

javax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled.

at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.a(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(Unknown Source)

at sirrus.dispatcher.AuthServerRegistry.run(AuthServerRegistry.java:102)

ResolutionFollowing the documentation (see page 157 of the RSA ClearTrust 5.5.3 Servers Installation and Configuration Guide) for setting the private key alias you must make sure that the alias cited in the parameter cleartrust.net.ssl.private.key_alias matches that of the friendly name attribute in the PKCS#12 file. If these strings do not match it will result in this exception.
Legacy Article IDa36091

Attachments

    Outcomes