Hello, since I fixed my last problem with my KeyStore, where the KeyTool had an issue, I'd like to ask about another problem.

Now I imported my Let's Encrypt certificate into my KeyStore, but I am getting the following message when clients start to connect:

No available authentication scheme

I tried many things and read a lot here on Stack Overflow, but I didn't reach a solution.

The following stack trace appears:

javax.net.ssl.SSLHandshakeException: No available authentication scheme
    at sun.security.ssl.Alert.createSSLException(Alert.java:131)
    at sun.security.ssl.Alert.createSSLException(Alert.java:117)
    at sun.security.ssl.TransportContext.fatal(TransportContext.java:357)
    at sun.security.ssl.TransportContext.fatal(TransportContext.java:313)
    at sun.security.ssl.TransportContext.fatal(TransportContext.java:304)
    at sun.security.ssl.CertificateMessage$T13CertificateProducer.onProduceCertificate(CertificateMessage.java:970)
    at sun.security.ssl.CertificateMessage$T13CertificateProducer.produce(CertificateMessage.java:959)
    at sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:420)
    at sun.security.ssl.ClientHello$T13ClientHelloConsumer.goServerHello(ClientHello.java:1096)
    at sun.security.ssl.ClientHello$T13ClientHelloConsumer.consume(ClientHello.java:1032)
    at sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:716)
    at sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:683)
    at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:376)
    at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:479)
    at sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:457)
    at sun.security.ssl.TransportContext.dispatch(TransportContext.java:200)
    at sun.security.ssl.SSLTransport.decode(SSLTransport.java:154)
    at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1290)
    at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1199)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:401)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:373)
    at de.bytestore.mytriox.network.server.ServerSocket$1.run(ServerSocket.java:204)
    at java.lang.Thread.run(Thread.java:748)

Here's my KeyStore file: Keystore Example

Do I need to select an alias for the SecureSocket, or do you have another idea?

Best regards, Jan

Eugène Adell
Jan Heil
  • If client certificate is required, have a look at Dave Thompson's [comment](https://stackoverflow.com/q/63292681/7748072) – Eugène Adell Jul 07 '21 at 12:45
  • **You created the keystore wrong.** The entries Keystore Explorer shows with type=red flower (not double gold key) are TrustedCert entries, not PrivateKey (aka KeyPair) entries. For an SSL/TLS server you need a PrivateKey entry (with the chain in _one_ entry, not several). This is confirmed by your '(i) properties' display, which shows 'Schussel: Keine' and 'Schusselpare: Keine' (NO keys=SecretKey and NO keypairs=PrivateKey) and only Versomething Zertifikate=TrustedCert. – dave_thompson_085 Jul 07 '21 at 15:06
  • Yes, this was one error, but another error was that I have to create everything in RSA; it displays RSA but it isn't RSA, it is DSA... – Jan Heil Jul 07 '21 at 15:10

1 Answer


I've seen the same error in my Spring Cloud Gateway service. The reason was that I created a key-store and a key-alias in it without a password. So, when I modified application.yaml

server:
  port: 8182
  ssl:
    enabled: true
    key-store: classpath:gateway-key-store.p12
    key-store-password:   # <- empty
    key-alias: gateway-key
    key-password:   # <- empty

The exception was gone.
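
A small diagnostic for the causes named in the comments and in the answer, added here as an example (it is not code from the original posts): it lists every keystore entry, marks TrustedCert entries, reports the real key algorithm, and tries to recover each private key with the given key password. The class name `KeystoreCheck` and its command-line arguments are assumptions of this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.Collections;

// Added example (hypothetical class name): reports which keystore entries a
// TLS server could present as its identity.
public class KeystoreCheck {
    public static void main(String[] args) throws Exception {
        if (args.length < 2) {
            System.err.println("usage: KeystoreCheck <keystore> <store-password> [key-password]");
            System.exit(2);
        }
        char[] storePass = args[1].toCharArray();
        // Assumption: the key password equals the store password unless given.
        char[] keyPass = args.length > 2 ? args[2].toCharArray() : storePass;

        // Uses the JDK default store type; change it if your file is another type.
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, storePass);
        }
        int usable = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isCertificateEntry(alias)) {
                // TrustedCert entry: a certificate without a private key.
                System.out.println(alias + ": TrustedCert only, not usable as server identity");
                continue;
            }
            try {
                Key key = ks.getKey(alias, keyPass);
                Certificate[] chain = ks.getCertificateChain(alias);
                if (!(key instanceof PrivateKey) || chain == null || chain.length == 0) {
                    System.out.println(alias + ": key entry without private key or chain");
                    continue;
                }
                // Report the real algorithms, e.g. to spot DSA where RSA was expected.
                System.out.println(alias + ": PrivateKey, key=" + key.getAlgorithm()
                        + ", leaf cert key=" + chain[0].getPublicKey().getAlgorithm()
                        + ", chain length=" + chain.length);
                usable++;
            } catch (UnrecoverableKeyException e) {
                System.out.println(alias + ": key not recoverable with this key password");
            }
        }
        System.out.println(usable + " usable PrivateKey entr" + (usable == 1 ? "y" : "ies"));
        System.exit(usable > 0 ? 0 : 1);
    }
}
```

Run it with the same file and passwords the server is configured with; an empty password is passed as `""`. Command-line arguments are visible to other local users, so run it on a test copy or change the password afterwards.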