SSLHandshakeException:no cipher suites in common in spring integration TCP Server

Question

I am trying to use TCP Server using spring integration. Specifically, I am using SSL/TSL support as mentioned at http://docs.spring.io/spring-integration/reference/html/ip.html#ssl-tls

My sslContextSupport bean is as follows:

<bean id="sslContextSupport"
     class="org.springframework.integration.ip.tcp.connection.DefaultTcpSSLContextSupport">
    <constructor-arg value="client.ks"/>
    <constructor-arg value="client.truststore.ks"/>
    <constructor-arg value="secret"/>
    <constructor-arg value="secret"/>
</bean>

when my client sends message to the server, Server receives it but it is giving the following error

2016-08-11 10:28:43,876 ERROR [org.springframework.integration.ip.tcp.connection.TcpNetConnection] Read exception localhost.localdomain:38953:7770:34253f9c-125a-452d-8476-9a35ff7b9197 SSLHandshakeException:no cipher suites in common

I appreciate any help to fix this issue?

I am using JDK 1.8 in both the server and client. Here is the client log When I ran with -Djavax.net.debug=SSL,handshake:

trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
%% No cached client session
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1454103715 bytes = { 29, 54, ... }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
***
main, WRITE: TLSv1.2 Handshake, length = 193
main, READ: TLSv1.2 Alert, length = 2
main, RECV TLSv1.2 ALERT:  fatal, handshake_failure
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure

javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:154)
        at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)

UPDATE: Server log with -Djavax.net.debug=all

Allow unsafe renegotiation: false
Allow legacy hello messages: true
Is initial handshake: true
Is secure renegotiation: false
taskExecutor-1, setSoTimeout(10000) called
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Ignoring unavailable cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Ignoring unavailable cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1
Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for TLSv1.1
Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for TLSv1.1
[Raw read]: length = 5
0000: 16 03 03 00 C1                                     .....
[Raw read]: length = 193
0000: 01 00 00 BD 03 03 57 AC   F9 35 A0 BD 75 F9 D4 EE  ......W..5..u...
0010: 5B 71 66 FD E6 06 67 35   E4 26 D9 74 73 56 FC 74  [qf...g5.&.tsV.t
0020: C8 D7 6F C3 D5 7F 00 00   3A C0 23 C0 27 00 3C C0  ..o.....:.#.'.<.
0030: 25 C0 29 00 67 00 40 C0   09 C0 13 00 2F C0 04 C0  %.).g.@...../...
0040: 0E 00 33 00 32 C0 2B C0   2F 00 9C C0 2D C0 31 00  ..3.2.+./...-.1.
0050: 9E 00 A2 C0 08 C0 12 00   0A C0 03 C0 0D 00 16 00  ................
0060: 13 00 FF 01 00 00 5A 00   0A 00 34 00 32 00 17 00  ......Z...4.2...
0070: 01 00 03 00 13 00 15 00   06 00 07 00 09 00 0A 00  ................
0080: 18 00 0B 00 0C 00 19 00   0D 00 0E 00 0F 00 10 00  ................
0090: 11 00 02 00 12 00 04 00   05 00 14 00 08 00 16 00  ................
00A0: 0B 00 02 01 00 00 0D 00   18 00 16 06 03 06 01 05  ................
00B0: 03 05 01 04 03 04 01 03   03 03 01 02 03 02 01 02  ................
00C0: 02                                                 .

taskExecutor-2, READ: TLSv1.2 Handshake, length = 193
*** ClientHello, TLSv1.2
RandomCookie:  GMT: 1454111029 bytes = { 160, 189, 117, 249, 212, 238, 91, 113, 102, 253, 230, 6, 103, 53, 228, 38, 217, 116, 115, 86, 252, 116, 200, 215, 111, 195, 213, 127 }
Session ID:  {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods:  { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
***
[read] MD5 and SHA1 hashes:  len = 193
0000: 01 00 00 BD 03 03 57 AC   F9 35 A0 BD 75 F9 D4 EE  ......W..5..u...
0010: 5B 71 66 FD E6 06 67 35   E4 26 D9 74 73 56 FC 74  [qf...g5.&.tsV.t
0020: C8 D7 6F C3 D5 7F 00 00   3A C0 23 C0 27 00 3C C0  ..o.....:.#.'.<.
0030: 25 C0 29 00 67 00 40 C0   09 C0 13 00 2F C0 04 C0  %.).g.@...../...
0040: 0E 00 33 00 32 C0 2B C0   2F 00 9C C0 2D C0 31 00  ..3.2.+./...-.1.
0050: 9E 00 A2 C0 08 C0 12 00   0A C0 03 C0 0D 00 16 00  ................
0060: 13 00 FF 01 00 00 5A 00   0A 00 34 00 32 00 17 00  ......Z...4.2...
0070: 01 00 03 00 13 00 15 00   06 00 07 00 09 00 0A 00  ................
0080: 18 00 0B 00 0C 00 19 00   0D 00 0E 00 0F 00 10 00  ................
0090: 11 00 02 00 12 00 04 00   05 00 14 00 08 00 16 00  ................
00A0: 0B 00 02 01 00 00 0D 00   18 00 16 06 03 06 01 05  ................
00B0: 03 05 01 04 03 04 01 03   03 03 01 02 03 02 01 02  ................

00C0: 02                                                 .
%% Initialized:  [Session-1, SSL_NULL_WITH_NULL_NULL]
%% Invalidated:  [Session-1, SSL_NULL_WITH_NULL_NULL]
taskExecutor-2, SEND TLSv1.2 ALERT:  fatal, description = handshake_failure
taskExecutor-2, WRITE: TLSv1.2 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 03 00 02 02 28                               ......(
taskExecutor-2, called closeSocket()
taskExecutor-2, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
taskExecutor-2, called close()
taskExecutor-2, called closeInternal(true)
2016-08-11 18:16:21,321 ERROR [org.springframework.integration.ip.tcp.connection.TcpNetConnection] Read exception nyx.clv.clverify.com:48493:7770:295eca46-10ca-407b-911e-7fd81e8a540d SSLHandshakeException:no cipher suites in common

It seems there are no cipher suites in common. I am wondering why there are no common cipher suites if we run Server and Client with the same version of JDK 8?

is there a way to configure the location of cipher suites in DefaultTcpSSLContextSupport?

Please suggest any pointers on how to fix this issue?

Thanks

Try `-Djavax.net.debug=all` (on both sides) - you'll get many more diagnostics. — Gary Russell, Aug 11 '16 at 22:04
Please see my update with logs and appreciate if you can suggest any ideas to fix the issue. — kevin, Aug 11 '16 at 22:31
This can mean that the server can't find its own private key and certificate. — user207421, Aug 12 '16 at 01:10
Take a look here, please: http://stackoverflow.com/questions/15076820/java-sslhandshakeexception-no-cipher-suites-in-common — Artem Bilan, Aug 12 '16 at 01:20
There is some other answer for similar problem: http://stackoverflow.com/questions/15405581/no-cipher-suites-in-common-while-establishing-a-secure-connection. — Artem Bilan, Aug 12 '16 at 01:27

score 1 · Accepted Answer · answered Aug 12 '16 at 12:21

That doesn't appear to be an all debug log - I suggest you run the following test case (from the framework tests)...

@Test
public void testNetClientAndServerSSLDifferentContexts() throws Exception {
    System.setProperty("javax.net.debug", "all"); // SSL activity in the console
    TcpNetServerConnectionFactory server = new TcpNetServerConnectionFactory(0);
    TcpSSLContextSupport serverSslContextSupport = new DefaultTcpSSLContextSupport("server.ks",
            "server.truststore.ks", "secret", "secret");
    DefaultTcpNetSSLSocketFactorySupport serverTcpSocketFactorySupport =
            new DefaultTcpNetSSLSocketFactorySupport(serverSslContextSupport);
    serverTcpSocketFactorySupport.afterPropertiesSet();
    server.setTcpSocketFactorySupport(serverTcpSocketFactorySupport);
    final List<Message<?>> messages = new ArrayList<Message<?>>();
    final CountDownLatch latch = new CountDownLatch(1);
    server.registerListener(new TcpListener() {

        @Override
        public boolean onMessage(Message<?> message) {
            messages.add(message);
            latch.countDown();
            return false;
        }

    });
    server.start();
    TestingUtilities.waitListening(server, null);

    TcpNetClientConnectionFactory client = new TcpNetClientConnectionFactory("localhost", server.getPort());
    TcpSSLContextSupport clientSslContextSupport = new DefaultTcpSSLContextSupport("client.ks",
            "client.truststore.ks", "secret", "secret");
    DefaultTcpNetSSLSocketFactorySupport clientTcpSocketFactorySupport =
            new DefaultTcpNetSSLSocketFactorySupport(clientSslContextSupport);
    clientTcpSocketFactorySupport.afterPropertiesSet();
    client.setTcpSocketFactorySupport(clientTcpSocketFactorySupport);
    client.start();

    TcpConnection connection = client.getConnection();
    connection.send(new GenericMessage<String>("Hello, world!"));
    assertTrue(latch.await(10, TimeUnit.SECONDS));
    assertEquals("Hello, world!", new String((byte[]) messages.get(0).getPayload()));
}

The debug log starts like this...

***
found key for : sitestserver
chain [0] = [
[
  Version: V3
  Subject: CN=Spring Integration Test Server, OU=SpringSource, O=VMware, L=Palo Alto, ST=CA, C=US
  Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5

  Key:  Sun RSA public key, 1024 bits
  modulus: 145953694279918711466593323385178894247518594695766350354036273697592524406041558890428426220351711997889835331198023000923126848152011583237597808196751267657648195434943824515101123741288592866628375132742429927417934808064049810040188644453056781002083733535076342958460726082218474705117624658622289918247
  public exponent: 65537
  Validity: [From: Sat Feb 25 14:31:38 EST 2012,
               To: Mon Feb 01 14:31:38 EST 2112]
  Issuer: CN=Spring Integration Test Server, OU=SpringSource, O=VMware, L=Palo Alto, ST=CA, C=US
  SerialNumber: [    4f49371a]

]
  Algorithm: [SHA1withRSA]
  Signature:
0000: AC 69 48 78 22 9F 32 3F   88 2F DB 49 53 87 F1 10  .iHx".2?./.IS...
0010: 64 D3 30 22 0D 04 13 90   07 9B 0E 9A FB 1F 65 97  d.0"..........e.
0020: 5D 2D C1 C6 A1 8A C5 C7   16 71 A9 47 95 C2 FF D5  ]-.......q.G....
0030: 1D 10 06 51 EE 64 37 A9   D3 B0 69 F9 84 5B 9D 1D  ...Q.d7...i..[..
0040: E1 6C C0 48 31 FD 82 10   B5 D4 56 D4 76 2D DE EB  .l.H1.....V.v-..
0050: B2 66 1F B6 D1 C3 AA E2   E6 8D 4B B6 05 BC F0 88  .f........K.....
0060: 7B BC 81 B1 C2 BB 3D 1C   0A AD 5B 29 55 94 05 2C  ......=...[)U..,
0070: 5B 5C 44 82 54 90 5F B4   70 EA 10 45 AC A0 5F 2B  [\D.T._.p..E.._+

]
***
adding as trusted cert:
  Subject: CN=Spring Integration Test Client, OU=SpringSource, O=VMware, L=Palo Alto, ST=CA, C=US
  Issuer:  CN=Spring Integration Test Client, OU=SpringSource, O=VMware, L=Palo Alto, ST=CA, C=US
  Algorithm: RSA; Serial number: 0x4f4936f4
  Valid from Sat Feb 25 14:31:00 EST 2012 until Mon Feb 01 14:31:00 EST 2112

trigger seeding of SecureRandom
done seeding SecureRandom
Ignoring unavailable cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Ignoring unavailable cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA
...

Thanks Gary for your suggestions. It seems the keystore that I was using was corrupted. After I replaced with newly generated keystore file, error has gone. "no cipher suites in common" exception given by JVM is misleading and it is always logged with the option -Djavax.net.debug=a‌ll (at least in JDK 1.8) — kevin, Aug 15 '16 at 16:27

SSLHandshakeException:no cipher suites in common in spring integration TCP Server

1 Answers1