Error:'' No available certificate corresponds to the SSL cipher suites which are enabled''

Solution ID:    SO10061
Version:    2.0
Published:    12/13/2007
Updated:    09/11/2008

Problem

Error:"javax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled"
 
Error occurs when connecting

Cause

This error message occurs for the following reasons:
 
1. You may have created your key pair using the DSA algorithm. By default, certificates created with keytool use DSA public keys.
 
2. You may be Importing the certificate into the incorrect keystore.
 
3. There is no trusted certificate chain present when importing the certificate. 

 

Solution

1. By default, certificates created with keytool use DSA public keys.
 
You should create certificates that use RSA-based keys.

To do this, you need to specify the -keyalg RSA option when using keytool. For example, when you create the private key, stipulate RSA as the key algorithm:

keytool -genkey -alias test -keyalg RSA

-keystore ~/.keystore

Then when you create the certificate request, stipulate RSA as the signature algorithm:

keytool -certreq -alias test -sigalg MD5withRSA

-keystore ~/.keystore
 
 
2. Importing the certificate into the incorrect keystore
 
 
Please import the certificate into the correct keystore file which contains the certificates corresponding private key file.
 
 
3. There is no trusted certificate chain present when importing the certificate
 
 
Please use the '-trustcacerts' option in your command when importing the certificate into the keystore.

keytool -import -alias [keyentry alias in keystore] -trustcacerts -file mythawtecert.crt  -keystore [keystore name]

Legacy ID

vs7948

Disclaimer:

Thawte has made efforts to ensure the accuracy and completeness of the information in this document. However, Thawte makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. Thawte assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document. Further, Thawte assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. Thawte reserves the right to make changes to any information herein without further notice.  

Knowledge Center


Search Tips