Uploaded image for project: 'Harmony'
  1. Harmony
  2. HARMONY-4682

[classlib][crypto] SSL_* ciphers are not supported

Add voteWatch issue
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Classlib
    • None
    • Unknown

    Description

      Harmony does not support such a cipher as SSL_DH_anon_WITH_RC4_128_MD5. As well as other SSL_* ciphers. I know that both prefixes (SSL_ and currently supported in Harmony TLS_) are quite correct but Oracle Application Server's Web console does demand SSL_*. It fails with quote:

      — cut here —
      07/08/26 07:05:02 SEVERE: CoreRemoteMBeanServer.fetchMBeanServerEjbRemote Error reading application-client descriptor: Error communicating with server: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.; nested exception is:
      javax.naming.CommunicationException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported. [Root exception is java.io.IOException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.] for URL: ormis://box:12701/defaultjavax.naming.NamingException: Error reading application-client descriptor: Error communicating with server: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.; nested exception is:
      javax.naming.CommunicationException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported. [Root exception is java.io.IOException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.] [Root exception is java.lang.InstantiationException: Error communicating with server: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.; nested exception is:
      javax.naming.CommunicationException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported. [Root exception is java.io.IOException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.]]
      (. . .)
      at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java)
      at javax.naming.InitialContext.initializeDefaultInitCtx(InitialContext.java:248)
      at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:278)
      at javax.naming.InitialContext.internalInit(InitialContext.java:217)
      at javax.naming.InitialContext.<init>(InitialContext.java:149)
      (. . .)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
      (. . .)
      at java.lang.Thread.run(Thread.java:662)
      Caused by: java.lang.InstantiationException: Error communicating with server: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.; nested exception is:
      javax.naming.CommunicationException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported. [Root exception is java.io.IOException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.]
      (. . .)
      ... 47 more
      Caused by: . . .: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.; nested exception is:
      javax.naming.CommunicationException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported. [Root exception is java.io.IOException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.]
      (. . .)
      ... 48 more
      Caused by: javax.naming.CommunicationException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported. [Root exception is java.io.IOException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.]
      (. . .)
      ... 53 more
      Caused by: java.io.IOException: SSL_DH_anon_WITH_RC4_128_MD5 is not supported.
      (. . .)
      ... 55 more
      — cut here —

      The Web console is a quite important to work with Oracle App Server: for watching current performance indicators, tuning etc.
      Please note that the hackish patch (ciphersuite_hack.patch) cures the situation. THIS IS NOT THE FIX but just a demonstration that the root problem is here. Probably some kind of cipher name aliasing is one of possible solutions here.

      Attachments

        1. ciphersuite_hack.patch
          2 kB
          Sergey Dmitriev

        Issue Links

          Activity

            People

              Unassigned Unassigned
              sergey.dmitriev Sergey Dmitriev

              Dates

                Created:
                Updated:

                Slack

                  Issue deployment