Menu
▾
▴
Re: [Quickfixj-users] SSL Configuration
|
From: Christoph J. <chr...@ma...> - 2018-06-19 20:57:00
|
Hi, I assume you have already checked the following page: https://quickfixj.org/usermanual/2.0.0//usage/secure_communications.html There also is a test SSLCertificateTest in the repo that has some examples. IIRC I only configured the Initiator side of a FIX connection for SSL and used a keystore. The counterparty provided the certificate. I also assume that you use a current Java version on both sides of the connection? Older versions might not support some ciphers. Cheers, Chris. Am 19. Juni 2018 20:39:30 MESZ schrieb eri...@th...: >QuickFIX/J Documentation: http://www.quickfixj.org/documentation/ >QuickFIX/J Support: http://www.quickfixj.org/support/ > > >I’m having a hard time getting SSL working on Linux. > >I’m trying to use a self-signed certificate on a Acceptor. > >I generated a keystore with: > >keytool -genkey -keyalg RSA -alias foobar -keystore foobar.jks >-storepass foobar -validity 360 -keysize 2048 > >And I am configuring the acceptor to use it with: > >SocketUseSSL=Y >SocketKeyStore=foobar.jks >SocketKeyStorePassword=foobar > >It seems to be opening the keystore ok, but regardless of what I try I >end up with: > >Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in >common > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) > at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666) > >When I try to accept a session. > >1) Do I need to configure CipherSuites? Which ones? I am having trouble >figuring out how to figure that out. > >2) Does the client need a keystore? I’m only trying to encrypt, not >authenticate. I’ve tried it with and without, same result. > > >------------------------------------------------------------------------------ >Check out the vibrant tech community on one of the world's most >engaging tech sites, Slashdot.org! http://sdm.link/slashdot >_______________________________________________ >Quickfixj-users mailing list >Qui...@li... >https://lists.sourceforge.net/lists/listinfo/quickfixj-users |
