Cannot support TLS_RSA_WITH_AES_256_CBC_SHA with currently installed providers

Durga Deep picture Durga Deep · Jun 13, 2014 · Viewed 27.3k times · Source

We installed Cassandra 2.0 and configure it for SSL, and we run in this issue at startup. We're using Open JDK

java-1.7.0-openjdk-1.7.0.55-2.4.7.1.el6_5.x86_64

Exception message:

Caused by: java.lang.IllegalArgumentException: Cannot support 
    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA with currently installed providers

I looked at the following link - but this with Java 6/7.

http://www.pathin.org/tutorials/java-cassandra-cannot-support-tls_rsa_with_aes_256_cbc_sha-with-currently-installed-providers/

Any Ideas ? Thanks a bunch

Answer

pd40 picture pd40 · Jun 14, 2014

I am assuming this message is related to the Cassandra SSL/TLS configuration.

The answer here suggests installing unlimited crypto for your JVM but I believe your version of OpenJDK has this already.

I would suggest experimenting with the accepted cipher_suites setting in cassandra.yaml to find something that is available to your OpenJDK deployment. This openjdk question lists some of the cipher suites that may be enabled in OpenJDK, or you could accept the Cassandra default.