SSLException: Keystore does not support enabled cipher suites
- by wurfkeks
I want to implement a small android application, that works as SSL Server.
After lot of problems with the right format of the keystore, I solved this and run into the next one.
My keystore file is properly loaded by the KeyStore class. But when I try to open the server socket (socket.accept()) the following error is raised:
javax.net.ssl.SSLException: Could not find any key store entries to support the enabled cipher suites.
I generated my keystore with this command:
keytool -genkey -keystore test.keystore -keyalg RSA -keypass ssltest -storepass ssltest -storetype BKS -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath bcprov.jar
with the Unlimited Strength Jurisdiction Policy for Java SE6 applied to my jre6.
I got a list of supported ciphers suites by calling
socket.getSupportedCipherSuites()
that prints a long list with very different combinations. But I don't know how to get a supported key.
I also tried the android debug keystore after converting it to BKS format using portecle but get still the same error.
Can anyone help and tell how I can generate a key that is compatible with one of the cipher suites?
Version Information:
targetSDK: 15
tested on emulator running 4.0.3 and real device running 2.3.3
BounceCastle 1.46
portecle 1.7
Code of my test application:
public class SSLTestActivity extends Activity implements Runnable {
SSLServerSocket mServerSocket;
ToggleButton tglBtn;
/** Called when the activity is first created. */
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
this.tglBtn = (ToggleButton)findViewById(R.id.toggleButton1);
tglBtn.setOnCheckedChangeListener(new CompoundButton.OnCheckedChangeListener() {
@Override
public void onCheckedChanged(CompoundButton buttonView, boolean isChecked) {
if (isChecked) {
new Thread(SSLTestActivity.this).run();
} else {
try {
if (mServerSocket != null)
mServerSocket.close();
} catch (IOException e) {
Log.e("SSLTestActivity", e.toString());
}
}
}
});
}
@Override
public void run() {
try {
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(getAssets().open("test.keystore"), "ssltest".toCharArray());
ServerSocketFactory socketFactory = SSLServerSocketFactory.getDefault();
mServerSocket = (SSLServerSocket) socketFactory.createServerSocket(8080);
while (!mServerSocket.isClosed()) {
Socket client = mServerSocket.accept();
PrintWriter output = new PrintWriter(client.getOutputStream(), true);
output.println("So long, and thanks for all the fish!");
client.close();
}
} catch (Exception e) {
Log.e("SSLTestActivity", e.toString());
}
}
}
