No cipher suites in common when firefox tries to establish a connection via camel-websocket
Issue
When firefox tries to establish a connection with camel-websocket, I get the following error from jetty :
*** ClientHello, TLSv1
RandomCookie: GMT: 1322574359 bytes = { 1, 105, 77, 29, 32, 118, 178, 229, 123, 19, 219, 199, 29, 92, 97, 124, 43, 190, 52, 250, 232, 60, 193, 97, 1, 222, 94, 205 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, Unknown 0x0:0x88,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, Unknown 0x0:0x84, TLS_RSA_WITH_AES_256_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 0 }
Unsupported extension server_name, [host_name: localhost]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data:
***
qtp449856710-36, fatal error: 40: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
qtp449856710-36, SEND TLSv1 ALERT: fatal, description = handshake_failure
qtp449856710-36, WRITE: TLSv1 Alert, length = 2
[ qtp449856710-36] ssl DEBUG [Session-1, SSL_NULL_WITH_NULL_NULL]
SslConnection@78c0dc2 SSL NEED_WRAP i/o/u=0/0/0 ishut=false oshut=false
{AsyncHttpConnection@7bdb3f6c,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},
p=HttpParser{s=-14,l=0,c=0},r=0} NEED_WRAP filled=0/0 flushed=0/0
qtp449856710-36, fatal: engine already closed.
Rethrowing javax.net.ssl.SSLHandshakeException: no cipher suites in common
[ qtp449856710-36] ssl DEBUG SCEP@5284b8f9{l(/127.0.0.1:50896)<-
>r(/127.0.0.1:8443),d=true,open=true,ishut=false,oshut=false,rb=false,wb=false,w=true,i=0r}-
{SslConnection@78c0dc2 SSL NEED_WRAP i/o/u=0/0/0 ishut=false oshut=false
{AsyncHttpConnection@7bdb3f6c,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},
p=HttpParser{s=-14,l=0,c=0},r=0}}
javax.net.ssl.SSLHandshakeException: no cipher suites in common
Remark : That works fine with Google Chrome and Safari
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, Unknown 0x0:0x88, Unknown 0x0:0x87,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, Unknown
0x0:0x84, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, Unknown 0x0:0x45, Unknown 0x0:0x44,
SSL_DHE_DSS_WITH_RC4_128_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, Unknown 0x0:0x96, Unknown 0x0:0x41,
SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA]
Compression Methods: { 1, 0 }
[ss/jquery-ui-1.8.19.custom.css] ssl DEBUG [Session-1, SSL_NULL_WITH_NULL_NULL] unwrap OK NOT_HANDSHAKING consumed=37 produced=1
Unsupported extension server_name, [host_name: localhost]
Extension renegotiation_info, renegotiated_connection: <empty>
Extension elliptic_curves, curve names: {secp256r1, secp384r1, secp521r1}
Extension ec_point_formats, formats: [uncompressed]
Unsupported extension type_35, data:
Unsupported extension type_13172, data:
***
qtp194173719-48, WRITE: TLSv1 Change Cipher Spec, length = 1
[ qtp194173719-49] ssl DEBUG [Session-1, SSL_NULL_WITH_NULL_NULL]
SslConnection@23053693 SSL NOT_HANDSHAKING i/o/u=746/0/0 ishut=false oshut=false
{AsyncHttpConnection@2b41fedb,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},
p=HttpParser{s=-14,l=0,c=-3},r=5} NOT_HANDSHAKING filled=746/746 flushed=0/0
%% Resuming [Session-3, TLS_DHE_DSS_WITH_AES_256_CBC_SHA]
Environment
- Fuse Message Broker 5.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.