Using symmetric key(tls-psk) to configure SSL on Jetty

Asked Dec 31 '16 at 09:51

Active Jan 02 '17 at 14:18

Viewed 388 times

I have already successfully used asymmetric keys and certificate to configure SSL on jetty by following this website.
Now, I want to used symmetric key to configure SSL on jetty.
I used keytool to generate the symmetric key by following command:

keytool -genseckey -alias mykey -keyalg AES -keysize 256 -storetype jceks -keystore mykeystore

Then, I configure the keystore and its password on jetty.

org.eclipse.equinox.http.jetty.https.enabled=true
org.eclipse.equinox.http.jetty.https.port=8443
org.eclipse.equinox.http.jetty.ssl.password=password
org.eclipse.equinox.http.jetty.ssl.keypassword= password
org.eclipse.equinox.http.jetty.ssl.keystore=/Users/user/key/mykeystore 
org.eclipse.equinox.http.jetty.ssl.protocol=TLSv1.2

When I use Chrome to connect to the website, the website shows:

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Does Jetty support this way by using symmetric key(tls-psk) to configure SSL?

edited Jun 20 '20 at 09:12

Community

asked Dec 31 '16 at 09:51

klichen

Check the error from Chrome. The encryption may be insecure and cause this error message. – Konrad Dec 31 '16 at 12:31
I think [Jetty does not support TLS-PSK](http://dev.eclipse.org/mhonarc/lists/jetty-users/msg07378.html) yet. You could try using stunnel as reverse proxy in front of Jetty to workaround this... – Alexander Farber Jan 02 '17 at 16:10

Using symmetric key(tls-psk) to configure SSL on Jetty

ERR_SSL_VERSION_OR_CIPHER_MISMATCH

0 Answers0