Home/ Questions/Q 7620315
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-31T03:54:36+00:00

I’ve been wracking my brain on this problem, here , and suddenly thought to

  • 0

I’ve been wracking my brain on this problem, here, and suddenly thought to check if ANY cipher suites were available to the RMI Server. So, I put the following code in JUST BEFORE the RMI Registry is started:

msg("trustStore: "+System.getProperty("javax.net.ssl.trustStore"));
msg("trustStorePassword: "+System.getProperty("javax.net.ssl.trustStorePassword"));
msg("keyStore: "+System.getProperty("javax.net.ssl.keyStore")); 
msg("keyStorePassword: "+System.getProperty("javax.net.ssl.keyStorePassword"));
msg("rmi.server.hostname: "+System.getProperty("java.rmi.server.hostname"));msg("supportedCipherSuites: "+System.getProperty("javax.rmi.ssl.client.supportedCipherSuites"));
msg("enabledCipherSuites: "+System.getProperty("javax.rmi.ssl.client.enabledCipherSuites"));
msg("debug: "+System.getProperty("javax.net.debug"));

(where msg just sends data via System.out.println.)

…And to my horror found that “supportedCipherSuites” is NULL!

What?!

I looked all over creation, “used the google”, and haven’t yet figured out how I’m supposed to populate my instalation with suitable cipher suites. …I’m not looking for much special, just the basic ordinary stuff will do fine!

Arg!

P.S. Where does the RMI Registry’s output from javax.net.debug go? Can’t find it anywhere! Thanks….

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You’ll find the list of supported cipher suites in Oracle JRE 7 in the SunJSSE provider documentation: there are two tables for those enabled and disabled by default, respectively.

    I wouldn’t worry too much about System.getProperty("javax.rmi.ssl.client.supportedCipherSuites")) returning null: these system properties are for you to make settings, not for the JRE/RMI API to publish its current state. In addition, there is no mention of this system property in the documentation where javax.rmi.ssl.client.enabledCipherSuites is documented.
    If you want to use specific cipher suites, set javax.rmi.ssl.client.enabledCipherSuites, don’t read it.

    Getting the javax.net.ssl.* properties won’t necessarily tell you what the actual used values are (see this answer). For example a null javax.net.ssl.trustStore will still use the default truststore.

    Same for javax.net.debug: it’s for you to set and the Net/SSL API to use, not the other way around.

    • 0