Getting IllegalArgumentException while adding ECDHE ciphers to sslcontext cipher list

[Ömer Barış Karaer]

Hi All

I m trying to add any of ECDHE ciphers of the list to io.netty.handler.ssl.SslContext  and I'm getting exception.Im using jre1.6.0_121 and jboss5.0 

Does anybody  know that how can i add any of this ciphers to the list?

Thanks in advance

java.lang.IllegalArgumentException: Cannot support TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA with currently installed providers

at com.sun.net.ssl.internal.ssl.CipherSuiteList.<init>(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.setEnabledCipherSuites(Unknown Source)

list 

(TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA)

[Norman Maurer]

As far as I know this cipher is not provided by java6 (only in java7+).

See also:

http://stackoverflow.com/questions/26645554/how-to-support-tls-ecdhe-rsa-with-aes-128-cbc-sha-in-java6

--
You received this message because you are subscribed to the Google Groups "Netty discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to netty+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/netty/c92737db-b969-4cf5-8a19-d9140fcd03bb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Ömer Barış Karaer]

Actually I am adding those three which are shown supported both with java 6 and 7 at the oracle JCA 

page http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

to the cipher list 

The whole exception message is like below :

java.lang.IllegalArgumentException: Cannot support TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA with currently installed providers

at com.sun.net.ssl.internal.ssl.CipherSuiteList.<init>(Unknown Source)

at com.sun.net.ssl.internal.ssl.SSLEngineImpl.setEnabledCipherSuites(Unknown Source)

at io.netty.handler.ssl.JdkSslContext.newEngine(JdkSslContext.java:185)

at io.netty.handler.ssl.SslContext.newHandler(SslContext.java:823)

at com.genband.wae.client.restful.websocket.WebSocketServerInitializer.initChannel(WebSocketServerInitializer.java:30)

at com.genband.wae.client.restful.websocket.WebSocketServerInitializer.initChannel(WebSocketServerInitializer.java:15)

at io.netty.channel.ChannelInitializer.channelRegistered(ChannelInitializer.java:69)

at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRegistered(AbstractChannelHandlerContext.java:133)

at io.netty.channel.AbstractChannelHandlerContext.fireChannelRegistered(AbstractChannelHandlerContext.java:119)

at io.netty.channel.DefaultChannelPipeline.fireChannelRegistered(DefaultChannelPipeline.java:733)

at io.netty.channel.AbstractChannel$AbstractUnsafe.register0(AbstractChannel.java:450)

at io.netty.channel.AbstractChannel$AbstractUnsafe.access$100(AbstractChannel.java:378)

at io.netty.channel.AbstractChannel$AbstractUnsafe$1.run(AbstractChannel.java:424)

at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:357)

at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:357)

at io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:111)

at io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:137)

at java.lang.Thread.run(Unknown Source)

On Wednesday, September 28, 2016 at 12:01:44 PM UTC+3, Norman Maurer wrote:,