Connecdtion to SB fails: anonymous cipher suites are within the supported list #332
Comments
|
Is the JRE vesion same on both machines? The SDK relies on default Java provider for security. |
|
Yes, the java version is the same.
From: Vijaya Gopal Yarramneni [mailto:notifications@github.com]
Sent: Friday, February 1, 2019 11:51 AM
To: Azure/azure-service-bus-java <azure-service-bus-java@noreply.github.com>
Cc: Edouard Perov <Edouard.Perov@ca.abb.com>; Author <author@noreply.github.com>
Subject: Re: [Azure/azure-service-bus-java] Connecdtion to SB fails: anonymous cipher suites are within the supported list (#332)
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Attention: Ce courrier électronique provient de l’extérieur de l’organisation. Ne cliquez pas sur les liens ni n’ouvrez aucune pièce jointe, sauf si vous reconnaissez l’expéditeur et savez que le contenu est sécurisé.
Is the JRE vesion same on both machines? The SDK relies on default Java provider for security.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FAzure%2Fazure-service-bus-java%2Fissues%2F332%23issuecomment-459846434&data=02%7C01%7Cedouard.perov%40ca.abb.com%7C12b9446643a343d0b6d408d6887e9518%7C372ee9e09ce04033a64ac07073a91ecd%7C0%7C0%7C636846474581515682&sdata=mlHvKrVNyL6s80nH9Y5Kt7ADb8Bqs1bo8QJJwyV5HRw%3D&reserved=0>, or mute the thread<https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAaHUjjGP006KGCaVLakZhGfLfErp3M7eks5vJJqfgaJpZM4aZQKU&data=02%7C01%7Cedouard.perov%40ca.abb.com%7C12b9446643a343d0b6d408d6887e9518%7C372ee9e09ce04033a64ac07073a91ecd%7C0%7C0%7C636846474581525691&sdata=nu7%2BCjWwxGCqkbLM77cmzmPLDouwAJaAh%2F3WDS7it1s%3D&reserved=0>.
|
|
Please check your java security configuration. It is a bug or anything. On that machine, may be you are using a different security provider. |
|
java.security files are original, no manual changes. |
|
@eperov Is it resolved? I am also facing same issue. Same application works fine on another machine. In my case jre versions are different across machines. @yvgopal Is there any else we are missing? Update: This issue is happening across all our apps and for all new instances with jre build: 1.8.0_201-b09. Downgraded jre to 1.8.0_191-b12 build to fix it. |
|
The problem is resolved by downgrading Java from 1.8.0_201 to 1.8.0_191. |
|
It is because JRE 8 update 201 disabled some anonymous cipher suites used by ProtonJ. This issue is fixed in the newer version of ProtonJ. SDK version 1.2.9 switched to newer ProtonJ version, which doesn't throw this error. So this issue is already fixed in version 1.2.9 and later. |
|
Version 1.8.0_191 seems to be expired as per Oracle website, any alternative solution to this? |
|
@satish8784 Switch to Service Bus SDK version 1.2.9 or later. |
|
I have updated the version of our service bus sdk to 2.0.0 but am still having this issue |
|
If you update to newer version of the SDK, then you will get a new jar of proton-j that is 0.31.0. Maven will automatically pull it for your development. Check your application's classpath. |
Hi,
Connection to Service Bus fails with the error.
The same code works from another machines.
com.microsoft.azure.servicebus.primitives.ServiceBusException: org.apache.qpid.proton.engine.TransportException: None of [TLS_DH_anon_WITH_AES_128_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_DES_CBC_SHA, SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA] anonymous cipher suites are within the supported list [T LS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_D HE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AE S_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA25 6, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECD HE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_C BC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS _RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256], TrackingId: 0e18cf2f-b2c0-41a8-99a2-1674072600c2, at: 2019-01-29T17:02:47.036-08:00[America/Los_Angeles]
The text was updated successfully, but these errors were encountered: