That might be your problem, Verisign doesn't have a 128bit Javasoft key.
When we asked for a 128bit Javasoft key, we got a lot of confusing
responses, eventually discovering that tho they don't have one, they are
perfectly happy to send you the 40 bit one, and tell you it's 128bit. then
when it doesn't work, someone else will tell you "of course we don't have
a 128 bit key, where did you hear that?" One of our developers also had
several long talks with their tech support explaining the concept of DNS,
hostnames, etc.
They do have a 128bit Netscape key, so you might try that, we were able to
get it to work. They agreed to re-run our keys several times, and will
give you your money back on keys that don't work.
-Lkb
On Fri, 3 Nov 2000, Raymond Pancura wrote:
> We are using the US release of the JSSE version 1.0.2. The cert was
> provided by verisign for a keysize of 1024 bits. The keyalg we used to
> generate the key was "RSA". The provider we choose when we made the cert
> request was JavaSoft (it was the closes on the list).
>
> I have just had verisign reissue the cert using a 512-bit key. If this
> works I will let everyone know. If anyone else has any ideas I would REALLY
> like to hear from you.
>
> Thanks
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Lorin
> Kobashigawa-Bates
> Sent: November 3, 2000 2:23 PM
> To: Orion-Interest
> Subject: Re: 128-bit SSL
>
>
> Which JSSE are you using? If it's the one packaged with Orion, you have
> ot go and get the US one from Javasoft.
>
> Which 128bit key are you using? We were successful using the Netscape
> 128bit key, but it was kind of tricky, we ended up having to re-run the
> key several times because of hostname mixups.
>
> -Lkb
>
> On Fri, 3 Nov 2000, Raymond Pancura wrote:
>
> > Has anyone been successful in configuring Orion to use 128-bit SSL
> (1024-bit
> > public key in cert)? I don't have a problem with the test certs, but they
> > only allow 40-bit (512-bit key in cert). Whenever I try to start Orion, I
> > get the following message:
> > Licensed to e-plicity.com
> > Orion/1.3.8 initialized
> > Error listening to SSLServerSocket: No available certificate corresponds
> to
> > the
> > SSL cipher suites which are enabled.
> > The production certificate from Verisign has been imported into our
> > keystore.
> >
> > Does anybody know if this is an Orion problem or a JSSE issue? I am at a
> > loss.
> >
> >
>
>
>
>
