Hi, Vrinda
I would like to test dicom communication with tls settings.
My environment is;
- win11
- dcm4che 5.29.0
- java jdk 8
Test procedures;
- run dcmqrscp with tls, then,
- run storescu with tls
Senario 1 :Use with mykey and mycacert
my command;
(from cdm win1)
>dcmqrscp -b DCMQRSCP:11112 --dicomdir ./tls-test/DICOMDIR --key-pass secret_key --key-store mykey.p12 --key-store-pass secret_key --trust-store mycacert.p12 --trust-store-pass secret_cacert --tls-noauth --tls --tls13
(from cdm win2)
>"C:\Program Files\dcm4che-5.29.0\bin\storescu" -c DCMQRSCP@localhost:11112 C:\Users\tatsu\Desktop\sample --key-pass secret_key --key-store mykey.p12 --key-store-pass secret_key --trust-store mycacert.p12 --trust-store-pass secret_cacert --tls-noauth --tls --tls13
Results
Scanning files to send
...............
Scanned 15 files in 0.154s (=10ms/file)
13:56:17.436 INFO - Initiate connection from
0.0.0.0/0.0.0.0:0 to localhost:11112
storescu: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:170)
at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:221)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:443)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:421)
at org.dcm4che3.net.Connection.createTLSSocket(Connection.java:1190)
at org.dcm4che3.net.Connection.connect(Connection.java:1077)
at org.dcm4che3.net.ApplicationEntity.connect(ApplicationEntity.java:648)
at org.dcm4che3.net.ApplicationEntity.connect(ApplicationEntity.java:668)
at org.dcm4che3.tool.storescu.StoreSCU.open(StoreSCU.java:542)
at org.dcm4che3.tool.storescu.StoreSCU.main(StoreSCU.java:285)
Senario 2 :Use default key and cacert
(from cdm win1)
>dcmqrscp -b DCMQRSCP:11112 --dicomdir ./tls-test/DICOMDIR --tls --tls13
(from cmd win2)
>"C:\Program Files\dcm4che-5.29.0\bin\storescu" -c DCMQRSCP@localhost:11112 C:\Users\tatsu\Desktop\sample --tls --tls13
Result
Scanning files to send
...............
Scanned 15 files in 0.159s (=10ms/file)
13:58:58.950 INFO - Initiate connection from
0.0.0.0/0.0.0.0:0 to localhost:11112
storescu: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
javax.net.ssl.SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate)
at java.base/sun.security.ssl.HandshakeContext.<init>(HandshakeContext.java:170)
at java.base/sun.security.ssl.ClientHandshakeContext.<init>(ClientHandshakeContext.java:98)
at java.base/sun.security.ssl.TransportContext.kickstart(TransportContext.java:221)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:443)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:421)
at org.dcm4che3.net.Connection.createTLSSocket(Connection.java:1190)
at org.dcm4che3.net.Connection.connect(Connection.java:1077)
at org.dcm4che3.net.ApplicationEntity.connect(ApplicationEntity.java:648)
at org.dcm4che3.net.ApplicationEntity.connect(ApplicationEntity.java:668)
at org.dcm4che3.tool.storescu.StoreSCU.open(StoreSCU.java:542)
at org.dcm4che3.tool.storescu.StoreSCU.main(StoreSCU.java:285)
It would be helpful if you could tell me how to do this correctly.
Tatsuaki