4 Replies Latest reply on Dec 9, 2002 3:21 AM by marrs

    Thawte SSL Certificate

    jachildress
    jachildress Jan 30, 2002 1:51 PM

      Hello,

      I have been attempting to use JBoss 2.4.4 / Tomcat 4.0.1 with a ssl cert issued by Thawte. I have been able to setup and use a cert that I issued myself, but no luck with the cert from Thawte.

      The specific error I receive when JBoss starts up is:

      javax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled.

      I'm using Red Hat Linux 7.2, and have tried both the 1.3.1 and 1.4 (rc1) jdks. Both jdks result in the same error.

      I am confident that the cert is ok, as I have imported it successfully and can run keytool -list -v and view the cert info.

      My config seems ok also, in jboss.jcml, as when I switch the keystore to one with my self gen cert, JBoss "works". As soon as I use the keystore with the Thawte cert, I receive the error.

      I just wanted to ask for help, before I dropped $50 for another cert :-(

      Thanks for any help,

      John

      I have tried both

      • 3325 Views
      • Tags:
        • 1. Re: Thawte SSL Certificate
          luke_t Jan 31, 2002 12:12 PM (in response to jachildress)

          Sounds like an issue with the algorithms supported by your certificate and those supported by your SSL implementation.

          For example, if your certificate has an RSA public key and you don't have an RSA implementation then you would probably get something like this. Or it may be due to the supported key lengths, e.g. 512 vs 1024 bits or whatever.

          I would check out the differences between your self-generated certificate and the Thawte one, and try generating your own certificates with similar info to the Thawte one and see if these work. You can also use OpenSSL to do this sort of thing (but it's not trivial :).

          Luke.

            • Actions
          • 2. Re: Thawte SSL Certificate
            jachildress
            jachildress Feb 1, 2002 8:13 AM (in response to jachildress)

            Thanks Luke, I'll try your suggestion.

            I guess mainly I was just looking for someone to give me a "thumbs up" that they have successfully used a Thawte, or Verisign, cert with JBoss/Tomcat.

            John

              • Actions
            • 3. Re: Thawte SSL Certificate
              kaokys
              kaokys Mar 29, 2002 10:23 PM (in response to jachildress)

              I succeed with the Verisign trial cert...

              I imported the trial cert into the keystore file.
              I used the same alias with my key...
              The trial cert is attached my key entry and cert chain lengths are increased to 2.

              When I typeed https, I got the page with the trial cert...

              kaokys...

                • Actions
              • 4. Re: Thawte SSL Certificate
                marrs
                marrs Dec 9, 2002 3:21 AM (in response to jachildress)

                Can you please explain the steps you did to make this work?

                  • Actions