This topic has 1 reply, 1 voice, and was last updated 6 years, 12 months ago by seth.zurborg.

  • #5670
     seth.zurborg
    Participant

    After configuring OpenAM to be both a client and authorization server, using the hints provided in section 12 of the 12.0.0 OpenAM Admin Guide, I am unable to successfully log in via OAuth. When I attempt to, it directs to the consent page, which I accept, then pauses for a few moments and returns Unable to login. After looking through the logs (provided below) I noticed it was being caused by “javax.net.ssl.SSLHandshakeException: no cipher suites in common”. After much searching and debugging I am unable to find what is causing this. I have made sure my key is RSA, and both server and client have the Chain in their TrustStores.

    We recently changed the available ciphers due to a recent update to Chrome and Firefox dealing with the Logjam vulnerability. All suites listed in the logs were ones we added. Could that be causing the issue?

    I’ve stripped out anything sensitive.
    debug.out
    catalina.out

    • This topic was modified 6 years, 12 months ago by seth.zurborg. Reason: Removed Pastebin links, Replaced with Google Drive
    #5674
     seth.zurborg
    Participant

    I was able to resolve this.
    Ciphers compatible with authentication needed to be added to “https.cipherSuites” and “https.protocols” needed to be set to TLSv1.2.
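
A way to check the client side of the fix described above, as an added example that is not part of the original posts or of OpenAM: it reads the same `https.cipherSuites` and `https.protocols` system properties and reports which suites could actually be negotiated with the server. The class name `CipherOverlapCheck` and the `SERVER_SUITES` list are assumptions constructed for illustration.

```java
import java.util.*;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

// Hypothetical diagnostic class, not part of OpenAM.
public class CipherOverlapCheck {
    // Constructed sample: suites a server might still offer after hardening.
    // Replace with the list the real server is configured with.
    static final List<String> SERVER_SUITES = Arrays.asList(
            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384");

    // Comma-separated system property as a list, or the JVM default if unset.
    static List<String> effective(String prop, String[] jvmDefault) {
        String value = System.getProperty(prop);
        if (value == null || value.trim().isEmpty()) return Arrays.asList(jvmDefault);
        List<String> out = new ArrayList<>();
        for (String s : value.split(",")) if (!s.trim().isEmpty()) out.add(s.trim());
        return out;
    }

    // Suites whose names end in _SHA256 or _SHA384 cannot be negotiated below TLS 1.2.
    static boolean needsTls12(String suite) {
        return suite.endsWith("_SHA256") || suite.endsWith("_SHA384");
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        SSLParameters defaults = ctx.getDefaultSSLParameters();
        Set<String> supported = new HashSet<>(
                Arrays.asList(ctx.getSupportedSSLParameters().getCipherSuites()));
        List<String> suites = effective("https.cipherSuites", defaults.getCipherSuites());
        List<String> protocols = effective("https.protocols", defaults.getProtocols());
        boolean tls12 = protocols.contains("TLSv1.2") || protocols.contains("TLSv1.3");

        List<String> usable = new ArrayList<>();
        for (String s : suites) {
            if (!supported.contains(s)) System.out.println("unknown to this JVM: " + s);
            else if (!SERVER_SUITES.contains(s)) continue; // server does not offer it
            else if (needsTls12(s) && !tls12) System.out.println("needs TLSv1.2: " + s);
            else usable.add(s);
        }
        System.out.println("client protocols: " + protocols);
        System.out.println(usable.isEmpty()
                ? "no cipher suites in common" : "negotiable suites: " + usable);
    }
}
```

Run it on the same JVM as the client with the `-Dhttps.cipherSuites=...` and `-Dhttps.protocols=...` values under test; an empty result corresponds to the handshake failure in the first post.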
