"java.net.SocketException: SSL handshake errorjavax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled."
Strangely enough, if I FIRST create a self-signed entry in my keystore before i import my CA signed-certificate, it works. Although this shouldn't be the case. =(
For instance, if I first do this:
keytool -genkey -keyalg "RSA" -keystore newKeystore -validity 3650
And then this:
keytool -import -trustcacerts -file myCASignedFile.cer -keystore newKeystore -alias myCASignedFile
It seems to work. But it should work with just myCASignedFile.cer in my keystore I think....
It's easiest to start with keytool to generate the private key and CSR, if you plan to have a working keystore when you import the signed certificate.
Are you sure the entries in your keystore are getting chained correctly?
It's pretty easy to unknowingly import a certificate that isn't. Make sure you are understanding the output of "keytool -v -list ..."
Have a look at http://mark.foster.cc/kb/openssl-keytool.html and http://mark.foster.cc/kb/keytool for more info.
-- Some days it's just not worth chewing through the restraints... Mark D. Foster, CISSP <[EMAIL PROTECTED]> http://mark.foster.cc/
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
