SSL handshake failed.

Hello All

I am setting this OFTP2 server.

Our Partner uses a Gateway service.
So we setup (automatically) after buying a Certificate from Mendelson.

We have Three Partners:
customer - Local Station, Has my Odetta ID, and in security is using the Key 2 from Mendelson ( mendelson Key 1-4 are the only options).
Gateway - Remote Partner, using the SSID, direct Connection and uses the Dealer Certificate. and has the IP etc setup to talk to thier Server.
Dealer - Remote Partner, using SFID, has My real purchased Certifcate setup in security, and routs thru the Gateway above.

I have gotten so far done, that I can send them Files without any issue.

However when they send us a file vil port 6619 SSL,

Oftp2 Log information

[Apr 5, 2018 1:10:54 PM] A processing problem occured. This could have several reasons, for further information please have a look at "C:\mendelson\opensource\oftp2\log\20180405\systemactivity.log".
[Apr 5, 2018 1:10:54 PM] [Session 20180405131054-3] SSL handshake failed.

System Activity Log

javax.net.ssl.SSLHandshakeException: SSL handshake failed.
at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:519)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:542)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1300(DefaultIoFilterChain.java:48)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:947)
at org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:109)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:542)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:535)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:703)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:659)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:648)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:68)
at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1120)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Handshaker.checkThrown(Unknown Source)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(Unknown Source)
at sun.security.ssl.SSLEngineImpl.writeAppRecord(Unknown Source)
at sun.security.ssl.SSLEngineImpl.wrap(Unknown Source)
at javax.net.ssl.SSLEngine.wrap(Unknown Source)
at org.apache.mina.filter.ssl.SslHandler.handshake(SslHandler.java:601)
at org.apache.mina.filter.ssl.SslHandler.messageReceived(SslHandler.java:360)
at org.apache.mina.filter.ssl.SslFilter.messageReceived(SslFilter.java:500)
... 15 more
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLEngineImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ServerHandshaker.chooseCipherSuite(Unknown Source)
at sun.security.ssl.ServerHandshaker.clientHello(Unknown Source)
at sun.security.ssl.ServerHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker$1.run(Unknown Source)
at sun.security.ssl.Handshaker$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Unknown Source)
at org.apache.mina.filter.ssl.SslHandler.doTasks(SslHandler.java:793)
at org.apache.mina.filter.ssl.SslHandler.handshake(SslHandler.java:567)

There is a notice when starting OFTP on the bottom 1 configuration issue, "No Key found in SSL Store"

I have checked teh Certificates, in encrpytion, signature, Mendelson Key 1 -4, mine and my dealers are in there
In Certificate TLS, I see Mine and my dealers again.

What I do notice thou is there is a difference on how they are "accepted", in TLS the certificate trust chain is comepletyl green with my dealer, however in the Excrption, signature the trust chain the trust anchoer Issuing CA is untrusted ( thou in TLS it is trusted)

Can anyone shed any light on this, I am pulling my hair out, and I dont have much left.

Much thanks
C

Foren
OFTP2

Comments

I think we may have solved it.

We we had to reinstall the software, the certifcate was imported..... but not as our own certificate.

Now the software no longer shows on the main screen "No Key found in SSL Store" and in the Certificate management the symbol for our certificate is different, and looks like a key, which our own, instead of the vcard.

We will get a new transfer attempt tomorrow, I will update if it was successful.