SSLHandshakeException: no cipher suites in common

Question

Followed the instructions here and recreated certificates that I previously incorrectly created. Something has changed as I am now seeing javax.net.ssl.SSLHandshakeExc

Answer 1

As an alternative to passing trustStores as JVM argument, -Djavax.net.ssl.trustStore=, one can also add truststores to SSLContext and then create SSLSocketFactory as the following snippet,

SSLContext ctx;
KeyManagerFactory kmf;
TrustManagerFactory tmf;
KeyStore ks;
TrustManager tm;

ctx = SSLContext.getInstance("TLS");

kmf = KeyManagerFactory.getInstance("SunX509");
ks = KeyStore.getInstance("JKS");
ks.load(new FileInputStream(privateKey), passPhrase.toCharArray());
kmf.init(ks, passphrase);

KeyStore trustKeyStore = KeyStore.getInstance("JKS");
trustKeyStore.load(new FileInputStream(trustStore), trustPassPhrase.toCharArray());

TrustManagerFactory trustMgrFactory = TrustManagerFactory.getInstance("SUNX509");
trustMgrFactory.init(trustKeyStore);

ctx.init(kmf.getKeyManagers(), trustMgrFactory.getTrustManagers(), null);

SSLSocketFactory f = (SSLSocketFactory) ctx.getSocketFactory();

SSLSocket s = (SSLSocket) f.createSocket(serverIp, serverPort);

Note: This client socket does both client as well as server authentication. If you want to disable client authentication, pass null as first argument while initializing SSLContext ctx.