TIBCO Enterprise Administrator (TEA) reports "SSLHandshakeException: no cipher suites in common" when using IBM JRE

book

Article ID: KB0082252

calendar_today

Updated On:

Products	Versions
TIBCO Enterprise Administrator (TEA)	2.2.x, 2.3.0

Description

After configuring one-way or two-way SSL authentication, TIBCO Enterprise Administrator (TEA) GUI can not be accessed from browser, and SSLHandshakeException can be seen in tea.log.
<-------
javax.net.ssl.SSLHandshakeException: no cipher suites in common
        at com.ibm.jsse2.C.z(C.java:574)
        at com.ibm.jsse2.ap.b(ap.java:606)
        at com.ibm.jsse2.ap.a(ap.java:512)
        at com.ibm.jsse2.ap.unwrap(ap.java:572)
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:11)
        at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:582)
        at org.eclipse.jetty.server.HttpConnection.fillRequestBuffer(HttpConnection.java:322)
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:231)
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
        at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:240)
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283)
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:108)
        at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93)
        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303)
        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148)
        at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589)
        at java.lang.Thread.run(Thread.java:785)
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
        at com.ibm.jsse2.j.a(j.java:12)
        at com.ibm.jsse2.ap.a(ap.java:133)
        at com.ibm.jsse2.C.a(C.java:441)
        at com.ibm.jsse2.C.a(C.java:138)
        at com.ibm.jsse2.E.b(E.java:827)
        at com.ibm.jsse2.E.a(E.java:633)
        at com.ibm.jsse2.E.a(E.java:870)
        at com.ibm.jsse2.C.r(C.java:69)
        at com.ibm.jsse2.C$b.a(C$b.java:4)
        at com.ibm.jsse2.C$b.run(C$b.java:1)
        at java.security.AccessController.doPrivileged(AccessController.java:686)
        at com.ibm.jsse2.C$c.run(C$c.java:3)
        at org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:676)
        ... 14 common frames omitted
---->

This only happens when using IBM JRE. The same configuration may work fine while using Oracle JRE.

Environment

OS: AIX/Linux

Resolution

Add "java.property.com.ibm.jsse2.overrideDefaultTLS=true" in tea.tra

Issue/Introduction

TEA reports "SSLHandshakeException: no cipher suites in common" when using IBM JRE

Additional Information

https://www.ibm.com/support/knowledgecenter/en/SSYKE2_8.0.0/com.ibm.java.security.component.80.doc/security-component/jsse2Docs/matchsslcontext_tls.html

Feedback

thumb_up Yes

thumb_down No

Welcome to "KB Articles"