Contributions
javax.net.ssl.SSLHandshakeException: no cipher suites in common
Testing TLS 1.2 using SOAPUI as server. I have the following client / server configuration where TLS 1.2 is concerned. Is thera a way to dump what ciphers SOAPUI supports regardless of what is configured in the application to determine what it thinks is the mismatch? SOAPUI server set to support: Currently SoapUI-5.7.0.vmoptions is set to support : -Dsoapui.https.protocols="SSLv1,SSLv2,SSLv3,TLSv1.0,TLSv1.1,TLSv1.2" -Dsoapui.https.ciphers=TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256 Client set to support : 0x009c:TLS_RSA_WITH_AES_128_GCM_SHA256 0x003d:TLS_RSA_WITH_AES_256_CBC_SHA256 0x0035:TLS_RSA_WITH_AES_256_CBC_SHA 0x002f:TLS_RSA_WITH_AES_128_CBC_SHA 0x000a:TLS_RSA_WITH_3DES_EDE_CBC_SHA the SOAPUI Jetty Log is putting out this error: Tue Jan 17 10:16:21 EST 2023:INFO:Started SslSocketConnector@0.0.0.0:8443 Tue Jan 17 10:16:21 EST 2023:INFO:Started JettyMockEngine$SoapUIConnector@0.0.0.0:8088 Tue Jan 17 10:16:37 EST 2023:WARN:EXCEPTION javax.net.ssl.SSLHandshakeException: no cipher suites in common at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:356) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:303) at java.base/sun.security.ssl.ServerHello$T12ServerHelloProducer.chooseCipherSuite(ServerHello.java:471) at java.base/sun.security.ssl.ServerHello$T12ServerHelloProducer.produce(ServerHello.java:297) at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:440) at java.base/sun.security.ssl.ClientHello$T12ClientHelloConsumer.consume(ClientHello.java:1120) at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:853) at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:812) at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480) at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:458) at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:199) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:171) at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1498) at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1404) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:441) at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:412) at org.mortbay.jetty.security.SslSocketConnector$SslConnection.run(SslSocketConnector.java:708) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630) at java.base/java.lang.Thread.run(Thread.java:831) The SOAPUI Preferences SSL Settings is set like so: Thanks589Views0likes0CommentsRe: SOAPUI implement TLS 1.2
Issue: On the Server side, I get an invalid key format. Question: Which format is invalid? My certificates are in .p12 format. Is JKS a different format that is required by SoapUI? Yes, I had to use the KeyStore format to get SoapUI to accept the server key pair. I generated key pair using OPENSSL and then imported them into KeyStore. I did this for both client and server. Just to add that the Mock Service on the Server side is set to listen on port 443. I did configure the project KeyStore and TrustStore with the server.p12 (KeyStore) and intermediate.p12 (TrustStore). (not sure if this is needed as I haven't seen and post saying this is required.) Note to self. Set Mock Service port to 8443. Run the actual mock service on 8088. The server side then handles both SSL and non SSL requests. This post can be closed.3.9KViews1like0CommentsSOAPUI implement TLS 1.2
Running one SoapUI as client on one workstation and another SoapUI as server on a second work station. 1] Have configured both SoapUI SoapUI-5.3.0.vmoptions file with these parameters. -Dsoapui.https.protocols=TLSv1.2 -Dsoapui.https.ciphers=TLS_RSA_WITH_AES_256_CBC_SHA256 2] Using OPENSSL, generated root and intermediate key pairs and then generated client and server key/certificates. I used the OPENSSL tool to create the client.p12 and server.p12 certificates with their respective passwords. 3] on the Client SoapUI, I set the Preference KeyStore /KeyStore password to the client.p12. No otherconfiguration changes were made to the Preferences for the SSL Mock Service. At the script level, I set the Endpoint to the server's IP address as https://x.x.x.x:443. 4] on the Server SoapUI, I set the Preferences KeyStore/KeyStore password to the sever.p12. I enabled the Mock SSL. I set the Mock port to 443 I set the Mock KeyStore/KeyStore key/passwordfor server.p12. I set the Mock Store /TrustStore password to the intermediate.p12. Client Authentication is enabled. Issue: On the Server side, I get an invalid key format. Question: Which format is invalid? My certificates are in .p12 format. Is JKS a different format that is required by SoapUI? I attached the error and soapui logs. Just to add that the Mock Service on the Server side is set to listen on port 443. I did configure the project KeyStore and TrustStore with the server.p12 (KeyStore) and intermediate.p12 (TrustStore). (not sure if this is needed as I haven't seen and post saying this is required.) Thanks4KViews0likes1CommentRe: java.io.FileNotFoundException error
I believe the error is a red herring. By setting the mock service to enabled and setting the parameters for the mock KeyStore and TrustStore, I don't get the error anymore. I opened another case detailing what I am trying to accomplish. So this thread can be closed. I can understand the frustration in setting TLS 1.2 as this is not a simple click-and-play option. Regards11KViews0likes0CommentsRe: java.io.FileNotFoundException error
Was this issue resolved and if so how. I get the same error with SoapUI 5.2.1. Thannks java4dev wrote: Is there any solution to this problem? I have also tried to setup full rights to the whole directory strucutre but it does not help. I have even started the application as Administrator, without any result. OS:windows 7 This is the error I get java.io.FileNotFoundException: C:\Program Files (x86)\eviware\soapUI-3.5\bin (Access is denied)11KViews0likes2Comments