000014182 - ClearTrust server error message: ?No available certificate corresponds to the SSL cipher suites which are enabled? message.

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000014182
Applies ToClearTrust Servers 5.5.3
Microsoft Windows 2000
Microsoft Windows 2003
Solaris 9
OpenSSL

Cipher suites remain disabled in the corresponding conf files (cleartrust.net.ssl.cipher_suitesis left unset).

IssueClearTrust servers error message: ?No available certificate corresponds to the SSL cipher suites which are enabled?
ClearTrust servers throw ?No available certificate corresponds to the SSL cipher suites which are enabled? message.

After building and attempting to use a PKCS#12 file for mutually authenticated SSL for the ClearTrust intercomponents (using OpenSSL), the following exception messages appears in the servers log files:

 

javax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled.

at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.a(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.accept(Unknown Source)

at sirrus.dispatcher.AuthServerRegistry.run(AuthServerRegistry.java:102)  

ResolutionMake sure that the alias setting for the parameter cleartrust.net.ssl.private.key_aliasin the ClearTrust conf files exactly matches the alias for the client certificate within the p12 file.  If they don't match then this error can occur.
Legacy Article IDa36852

Attachments

    Outcomes