None of the ciphers specified are supported by the SSL engine
Symptoms
You are unable to access JIRA via SSL after an upgrade, or change to your SSL connector.
The following appears in catalina.out:
Dec 05, 2014 7:01:57 PM org.apache.tomcat.util.net.jsse.JSSESocketFactory getEnableableCiphers
WARNING: None of the ciphers specified are supported by the SSL engine : TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHACause
Your server.xml file has unsupported ciphers declared. Example faulty connector below:
<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" keystoreFile="C:\SSL\JIRA\alt_cert_915.pfx" keystorePass="epic2014" keystoreType="PKCS12" maxHttpHeaderSize="8192" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="443" protocol="org.apache.coyote.http11.Http11Protocol" scheme="https" secure="true" sslProtocol="TLS" useBodyEncodingForURI="true" ciphers="TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"/>
</Service>Resolution
- Shut down you JIRA instance.
- Locate the file server.xml which located on your $JIRA_installation_folder\conf.
- Remove the ciphers portion of the connector string.
- Restart JIRA.
Last modified on Mar 30, 2016
Powered by Confluence and Scroll Viewport.