javax.net.ssl.SSLHandshakeException: no cipher suites in common

LegacyForum

Hi,

I'm using WebKing 6.0.5 for generating simple JUnit test class that hits a URL with https protocol.
e.g. https://localhost:8453/abc/xyz/home

The Webking records the https URL and generates the following JUnit code.

------------------------------------JUnit Code Starts ------------------------------------------

import junit.framework.*;
import webking.api.browser2.*;

public class Login extends TestCase {

private WebBrowser browser;

public Login() {
super(null);
}

protected void setUp() throws Exception {
super.setUp();
int browserType = WebBrowser.InternetExplorer;
String webkingInstallationDir = "C:\\PROGRA~1\\Parasoft\\WebKing\\6.0\\";
String fireFoxExecutablePath = "C:\\PROGRA~1\\Intern~1\\IEXPLORE.EXE";
browser = new WebBrowser(webkingInstallationDir, browserType, fireFoxExecutablePath, <webking license server>, <Port>, <Timeout>);

browser.showBrowser(true); //Webking generates this line with 'false'. I've changed it to true.
}

protected void tearDown() throws Exception {
super.tearDown();
browser.closeBrowser();
}

public void testLogin() throws Exception {

browser.setLogin(<userid>, <pwd>);
browser.navigateAndWaitForPageLoad("https://localhost:8453/abc/xyz/home");
ElementLocator locator = new DescriptiveElementLocator("a", "text", "Search & View", 0);
browser.waitForElementPresent(locator);
// Begin Assertions
// End Assertions

browser.clickAndWaitForPageLoad(locator);
// Begin Assertions
// End Assertions

}

public static junit.framework.Test suite() {
return new junit.framework.TestSuite(Login.class);
}

public static void main(String[] args) {
junit.textui.TestRunner.run(suite());
}
}
------------------------------------JUnit Code Ends ------------------------------------------


When I run this class then I get the following error.


------------------------------------Error starts ------------------------------------------

Apr 14, 2009 9:19:38 AM com.parasoft.util.SimpleLogger logException
SEVERE: problem creating RSA private key: java.lang.SecurityException: The provider BC may not be signed by a trusted party
java.io.IOException: problem creating RSA private key: java.lang.SecurityException: The provider BC may not be signed by a trusted party
at org.bouncycastle.openssl.PEMReader.readObject(Unknown Source)
at webtool.proxy.ConnectionController.makeCertForHost(Unknown Source)
at webtool.proxy.ConnectionController.buildSSLFactory(Unknown Source)
at webtool.proxy.ConnectionController.getSocketFactory(Unknown Source)
at webtool.proxy.ConnectionController.getSSLServerSocket(Unknown Source)
at webtool.proxy.Connection.buildSSLConnection(Unknown Source)
at webtool.proxy.Connection.buildConnectionWithClient(Unknown Source)
at webtool.proxy.Connection.run(Unknown Source)
Apr 14, 2009 9:19:38 AM com.parasoft.util.SimpleLogger logException
SEVERE: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.b(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_aw.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
at webtool.proxy.HTTPStreamReader.readHeader(Unknown Source)
at webtool.proxy.HTTPStreamReader.read(Unknown Source)
at webtool.proxy.Connection.readRequest(Unknown Source)
at webtool.proxy.Connection.buildSSLConnection(Unknown Source)
at webtool.proxy.Connection.buildConnectionWithClient(Unknown Source)
at webtool.proxy.Connection.run(Unknown Source)
Apr 14, 2009 9:19:38 AM com.parasoft.util.SimpleLogger firewall
WARNING: Request was:
CONNECT localhost:8453 HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB5; .NET CLR 2.0.50727; .NET CLR 1.1.4322; InfoPath.2)
Host: localhost:8453
Content-Length: 0
Proxy-Connection: Keep-Alive
Pragma: no-cache


Apr 14, 2009 9:19:38 AM com.parasoft.util.SimpleLogger logException
SEVERE: Unsupported SSL v2.0 ClientHello
javax.net.ssl.SSLException: Unsupported SSL v2.0 ClientHello
at com.sun.net.ssl.internal.ssl.InputRecord.b(DashoA12275)
at com.sun.net.ssl.internal.ssl.InputRecord.read(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(DashoA12275)
at webtool.proxy.HTTPStreamReader.readHeader(Unknown Source)
at webtool.proxy.HTTPStreamReader.read(Unknown Source)
at webtool.proxy.Connection.readRequest(Unknown Source)
at webtool.proxy.Connection.buildSSLConnection(Unknown Source)
at webtool.proxy.Connection.buildConnectionWithClient(Unknown Source)
at webtool.proxy.Connection.run(Unknown Source)
Apr 14, 2009 9:19:38 AM com.parasoft.util.SimpleLogger firewall
WARNING: Request was:
CONNECT localhost:8453 HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB5; .NET CLR 2.0.50727; .NET CLR 1.1.4322; InfoPath.2)
Host: localhost:8453
Content-Length: 0
Proxy-Connection: Keep-Alive
Pragma: no-cache
------------------------------------Error ends ------------------------------------------

I tried to google it without success. I have recreated the keystore file but still get this error.

Can anyone help?

Thanks,
Anurag

LegacyForum

Hi AnuragT,

Thank you for your question. Regarding the error you are seeing, please try the following:

1. Locate the the bcprov.jar file in the WebKing installation directory (usually C:/Program Files/Parasoft/WebKing/6.0/bcprov.jar)
2. For the JRE you are using to run your JUnits, copy bcprov.jar to <JRE install location>/lib/ext/bcprov.jar

Give this a try and let me know if this works for you. If it does not, please include the following information:

1. Your operating system
2. The JRE you are using to launch the JUnit
3. The arguments you are passing to the JRE
4. Are you able to play back your tests from the WebKing GUI?
5. If you are not using the WebKing JRE (usually C:/Progam Files/Parasoft/WebKing/6.0/JRE), do you get this exception when you use the JRE?

LegacyForum

How should I say Thanks to you? It works!! Great!!

As per your suggestion I put the bcprov.jar into the <JRE install location>/lib/ext.

Thank you very much.

Regards,
Anurag

Hi AnuragT,

Thank you for your question. Regarding the error you are seeing, please try the following:

1. Locate the the bcprov.jar file in the WebKing installation directory (usually C:/Program Files/Parasoft/WebKing/6.0/bcprov.jar)
2. For the JRE you are using to run your JUnits, copy bcprov.jar to <JRE install location>/lib/ext/bcprov.jar

Give this a try and let me know if this works for you. If it does not, please include the following information:

1. Your operating system
2. The JRE you are using to launch the JUnit
3. The arguments you are passing to the JRE
4. Are you able to play back your tests from the WebKing GUI?
5. If you are not using the WebKing JRE (usually C:/Progam Files/Parasoft/WebKing/6.0/JRE), do you get this exception when you use the JRE?

LegacyForum

Hi Anurag,

I'm glad to hear it is working for you now

Please feel free to visit the forums or contact webkingsupport@parasoft.com if you should have any future questions regarding WebKing.

LegacyForum

Hi,

The above problem solved on my PC when I copied bcprov.jar in <JRE Install Location>/lib/ext folder.
Now I'm trying to run the same Junit class on another machine but inspite of having the same setup there I'm getting the above problem, even I've copied the bcprov.jar in <JRE Install Location>/lib/ext folder on that mchine

Following are the details,

OS : Windows XP
JRE to launch the JUnit : j2sdk1.4.2_05

I would like to mention that on this machine I have not installed the WebKing, I have just copied the WebKing installation folder from my machine to this machine.


Thanks,
Anurag

LegacyForum

Hi Anurag,

First off, you will need to install the Parasoft Trusted Root Authority on your machine if you wish to do any functional testing in IE over an HTTPS connection.

It would be best to just install WebKing. But if you cannot do this for some reason, you can do the following to install the certificate:

1. From the command line, navigate to the WebKing installation directory (usually C:/Program Files/Parasoft/WebKing/6.0/)
2. Run the following command line:

CODE

webking.exe -cmd -installcertificate
Verify that the certificate has been installed by going to Internet Explorer: Tools: Internet Options: Content: Certificates: Trusted Root Certification Authorities and verify that the "Parasoft, WebKing Proxy CA" is installed.


Next, please verify that you have copied the bcprov.jar file into the correct JRE on this second machine. It is common for there to be many installations of Java on a single machine. So, please be sure you have copied bcprov.jar to the correct folder.


Finally, if you are still getting the exception, verify that it is exactly the same as the error you copied above:

SEVERE: problem creating RSA private key: java.lang.SecurityException: The provider BC may not be signed by a trusted party
java.io.IOException: problem creating RSA private key: java.lang.SecurityException: The provider BC may not be signed by a trusted party
...
SEVERE: no cipher suites in common
javax.net.ssl.SSLHandshakeException: no cipher suites in common
...
SEVERE: Unsupported SSL v2.0 ClientHello
javax.net.ssl.SSLException: Unsupported SSL v2.0 ClientHello

If there is any difference, please copy the complete exception as you did before.

Also, please answer all the questions below for this second machine:The arguments you are passing to the JREAre you able to play back your tests from the WebKing GUI?If you are not using the WebKing JRE (usually C:/Progam Files/Parasoft/WebKing/6.0/JRE), do you get this exception when you use the WebKing JRE?

LegacyForum

Hi,

The command "webking.exe -cmd -installcertificate" could not install the certificate. I ran it from the folder "C:\Program Files\Parasoft\WebKing\6.0". I then had to install it from Tools: Internet Options: Content: Certificates: Import: <C:\Program Files\Parasoft\WebKing\6.0\lib\parasoft.cer>

I installed this certificate in Trusted Root Certification Authorities.

Following are the environment variables I set while running the build script. The 'ear' target of this build script calls the 'junit' target. This junit target opens up a new browser using Webking API but eventually fails with the SAME exception that I've pasted before

set JAVA_HOME=C:\j2sdk1.4.2_05

set ORACLE_HOME=C:\oracle\ora92

set CLASSPATH=%CLASSPATH%;C:\Tools\Apache\jakarta-tomcat-5.0.25\common\lib\servlet-api.jar;C:\cc-sandbox\work_dir\checkout\jigsaw-main\lib\rsadapterspi.jar;

ant -buildfile build.xml ear


Since I've not installed the WebKing on that machine so I've not played back the tests from the WebKing GUI on that machine.

Does using the WebKing JRE means adding the WebKing JRE lib and bin folder to CLASSPATH and PATH respectively? If yes, then I've tried doing this without success, means same exception.

Will the installation of WebKing be required on that machine?

Thanks,
Anurag

LegacyForum

I've installed WebKing on that machine and still the same exception.

The Webking GUI payed back the test perfectly and created the JUnits on that machine. But the generated JUnits then gave the same error.

LegacyForum

Hi Anurag,

Thank you for all the information you have provided

One small note regarding this. Earlier I suggested moving bcprov.jar to:
<JRE install location>/lib/ext/bcprov.jar

Since you are using the SDK, this folder is in:
%JAVA_HOME%/jre/lib/ext/bcprov.jar

So, in your example you have

CODE

set JAVA_HOME=C:\j2sdk1.4.2_05
Then you should be copying bcprov.jar to:
C:\j2sdk1.4.2_05\jre\lib\ext\bcprov.jar

and not
C:\j2sdk1.4.2_05\lib\ext\bcprov.jar

You can verify that this is where ant is searching by executing the command:
CODEant -diagnostics
and searching for the java.ext.dirs entry. The bcprov.jar file should be copied to that directory.

LegacyForum

Yes I copied bcprov.jar to C:\j2sdk1.4.2_05\jre\lib\ext.

"ant -diagnostics" command gives the following output.

java.ext.dirs : C:\j2sdk1.4.2_05\jre\lib\ext
java.home : C:\j2sdk1.4.2_05

I copied bcprov.jar to C:\j2sdk1.4.2_05\jre\lib\ext folder but the result was same exception.

I'm in touch with a support person (Tony) from Parasoft WebKing Support. To Tony all the setup looks fine. He will get back to me soon and then I'll update this thread once the problem is resolved.

In the mean time you can pinpoint the problem with the setup or comeup with a solution then it will be great.

Thanks,
Anurag

LegacyForum

We were able to resolve this by modifying the <JRE>/lib/security/java.security file to include the BouncyCastle provider as follows:

Changed:

CODE

security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
security.provider.3=com.sun.rsajca.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
to:
CODEsecurity.provider.1=sun.security.provider.Sun
security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.rsajca.Provider
security.provider.5=com.sun.crypto.provider.SunJCE
security.provider.6=sun.security.jgss.SunProvider