Authentication based on SSLSockets java application

Question

I'm developing a Java application and I need to send a couple strings (user and password) to the server through a Secure Sockets, i have to use my own certificate generated by a trusted CA, but i'm getting a exception

Server

class LoginServer {

  private static final String CORRECT_USER_NAME = "Java";

  private static final String CORRECT_PASSWORD = "HowToProgram";

  private SSLServerSocket serverSocket;

  public LoginServer() throws Exception {
    SSLServerSocketFactory socketFactory = (SSLServerSocketFactory) SSLServerSocketFactory
        .getDefault();
    serverSocket = (SSLServerSocket) socketFactory.createServerSocket(7070);

  }

  private void runServer() {
    while (true) {
      try {
        System.err.println("Waiting for connection...");
        SSLSocket socket = (SSLSocket) serverSocket.accept();
        BufferedReader input = new BufferedReader(new InputStreamReader(socket.getInputStream()));
        PrintWriter output = new PrintWriter(new OutputStreamWriter(socket.getOutputStream()));
        String userName = input.readLine();
        String password = input.readLine();

        if (userName.equals(CORRECT_USER_NAME) && password.equals(CORRECT_PASSWORD)) {
          output.println("Welcome, " + userName);
        } else {
          output.println("Login Failed.");
        }
        output.close();
        input.close();
        socket.close();

      } catch (IOException ioException) {
        ioException.printStackTrace();
      }
    }
  }

  public static void main(String args[]) throws Exception {
    LoginServer server = new LoginServer();
    server.runServer();
  }
}

Client

class LoginClient {
  public LoginClient() {
    try {
      SSLSocketFactory socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
      SSLSocket socket = (SSLSocket) socketFactory.createSocket("localhost", 7070);
      PrintWriter output = new PrintWriter(new OutputStreamWriter(socket.getOutputStream()));
      String userName = "MyName";
      output.println(userName);
      String password = "MyPass";
      output.println(password);
      output.flush();
      BufferedReader input = new BufferedReader(new InputStreamReader(socket.getInputStream()));
      String response = input.readLine();
      System.out.println(response);

      output.close();
      input.close();
      socket.close();
    } catch (IOException ioException) {
      ioException.printStackTrace();
    } finally {
      System.exit(0);
    }
  }

  public static void main(String args[]) {
    new LoginClient();
  }
}

this is the result in the output window:

javax.net.ssl.SSLHandshakeException: no cipher suites in common
    at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
    at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1886)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)
    at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:266)
    at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:894)
    at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:622)
    at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:167)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:804)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)
    at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:882)
    at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
    at sun.nio.cs.StreamDecoder.readBytes(StreamDecoder.java:283)
    at sun.nio.cs.StreamDecoder.implRead(StreamDecoder.java:325)
    at sun.nio.cs.StreamDecoder.read(StreamDecoder.java:177)
    at java.io.InputStreamReader.read(InputStreamReader.java:184)
    at java.io.BufferedReader.fill(BufferedReader.java:154)
    at java.io.BufferedReader.readLine(BufferedReader.java:317)
    at java.io.BufferedReader.readLine(BufferedReader.java:382)
    at zzzz.LoginServer.runServer(LoginServer.java:35)
    at zzzz.LoginServer.main(LoginServer.java:55)

I hope you can help me.

Thanks a lot

Answer 1

I don't see how this is possible unless there is more code you haven't shown us, i.e. a call to setEnabledCipherSuites(). Remove it.

I also don't see why it is necessary to use SSL or login to a server running in the same host.