I want to configure SSL on jetty-distribution-9.2.9.v20150224
I followed http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html to configure SSL and generate certificate
The problem is: If I use the keystore generated by Keytool:
keytool -keystore keystore -alias jetty -genkey -keyalg RSA
and configure ssl and https modules to start.ini, Jetty works correctly.
However , the certificate extracted from keystore can’t be trusted by browser. So I want to create self-signed certificate using Openssl
My Openssl version is 0.9.8, and I generated keystore in following steps:
openssl genrsa -des3 -out server.key
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in mn-server.csr -signkey server.key -out server.crt
keytool -import -trustcacerts -alias server -file server.crt -keystore truststore.keystore
However, this truststore.keystore can't work. Http works correctly, but I’m not able to access to https. There's no special exception throw out, and when checking 8443 port, it's already initialized.
Am I missing some jetty configuration ? or the certificate generated is generated incorrect?
After debug, I see this no cipher suites in common exception
%%Initialized: [Session-1, SSL_NULL_WITH_NULL_NULL]
qtp1811075214-27, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
%% Invalidated: [Session-1, SSL_NULL_WITH_NULL_NULL]
qtp1811075214-27, SEND TLSv1.2 ALERT: fatal, description = handshake_failure
qtp1811075214-27, WRITE: TLSv1.2 Alert, length = 2
qtp1811075214-27, fatal: engine already closed. Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common
The Signature algorithm I'm using is SHA1withRSA , and my Java version is "1.8.0_25"
It was solved by upgrade spring-ws-core version to 2.2.x
And I also upgrade openssl to 1.0.1k