
Keytool and certificates not password protected

Hi

I am trying to use Wildfire as the IM infrastructure in my environment, but only with all the traffic encrypted.

My organization has its own certificates issued by a known CA, and I am trying to import them into the Jive keystore using both the web interface and the keytool command line.

I imported them successfully, but SSL and TLS connections still do not work, and in the log I can see this error:

javax.net.ssl.SSLException: No available certificate or key corresponds to the SSL cipher suites which are enabled.

I searched this forum for a solution and found this:

http://www.jivesoftware.org/community/thread.jspa?messageID=98454

I followed the steps in the thread and in the web pages it links to, but with no success.

Searching the web further for the cause of the error, I found these:

http://www.orionserver.com/docs/ssl.html

http://www.deitel.com/books/advjHTP1/advjHTP1_faq.html

I paste the relevant parts here:

No available certificate corresponds to the SSL cipher suites which are enabled - One known reason is that different passwords has been used for the certificate and the Keystore. In this case, use the Keytool to change the password of the certificate to match the password of the Keystore.

why do I get the exception “javax.net.ssl.SSLException: No available certificate corresponds to the SSL cipher suites which are enabled.”?

The JSSE implementation does not support separate passwords for a keystore and for the certificate in the keystore.

Our certificates and keys are not password protected, so I fear that we won't be able to use them for the Jive server because of this bug in keytool.

Am I right in the previous assertion? Or (as I hope) is there actually a way to use non-password-protected keys and certificates in a Wildfire server?
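
The passages quoted in the post say that JSSE uses one password for both the keystore and the keys inside it. As an added example (not part of the original post and not Wildfire code), this Java check lists each keystore entry and reports whether its private key opens with the store password; the class name `KeystoreCheck` and the keystore path argument are assumptions.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;

// Hypothetical helper: java KeystoreCheck <keystore-file>
public class KeystoreCheck {
    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (args.length != 1 || console == null) {
            System.err.println("usage: java KeystoreCheck <keystore-file> (run from a terminal)");
            System.exit(2);
        }
        // Prompt instead of taking the password as an argument, so it does
        // not appear in the process list or shell history.
        char[] storePass = console.readPassword("Keystore password: ");

        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, storePass); // throws IOException if the store password is wrong
        }

        int usable = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (!ks.isKeyEntry(alias)) {
                System.out.println(alias + ": certificate only, no private key in this entry");
                continue;
            }
            try {
                ks.getKey(alias, storePass); // the same single password JSSE would use
                usable++;
                System.out.println(alias + ": private key opens with the store password");
            } catch (UnrecoverableKeyException e) {
                System.out.println(alias + ": private key password differs from the store password");
            }
        }

        // Repeat the check the way a server does it: one password for every key.
        try {
            KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmf.init(ks, storePass);
            System.out.println("KeyManagerFactory accepted the keystore; usable key entries: " + usable);
        } catch (UnrecoverableKeyException e) {
            System.out.println("KeyManagerFactory rejected the keystore: " + e.getMessage());
        }
        System.exit(usable > 0 ? 0 : 1);
    }
}
```

An entry reported with a differing key password is the case the quoted text addresses with keytool's `-keypasswd` option.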