Gemfire: the jks cert issue caused the gemfire failed to start
search cancel

Gemfire: the jks cert issue caused the gemfire failed to start

book

Article ID: 402891

calendar_today

Updated On:

Products

VMware Tanzu Data Suite

Issue/Introduction

failed to start up the gemfire cluster:


[error 2025/06/30 02:03:25.401 EDT locator1 <Membership Messenger Blocking> tid=0x6b] Asynchronous Messaging Server (local addy: /10.31.74.251:57397, remote addy: /10.31.74.250:43042) got exception communicating with client during handshake
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at gemfire//io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:500)
at gemfire//io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
at gemfire//io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at gemfire//io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at gemfire//io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at gemfire//com.vmware.gemfire.tcpmessenger.internal.RecordReadBytesHandler.channelRead(RecordReadBytesHandler.java:24)
at gemfire//io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at gemfire//io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at gemfire//io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at gemfire//io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1357)
at gemfire//io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
at gemfire//io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at gemfire//io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:868)
at gemfire//io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
at gemfire//io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788)
at gemfire//io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724)
at gemfire//io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650)
at gemfire//io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562)
at gemfire//io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
at gemfire//io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at java.base/java.lang.Thread.run(Thread.java:842)
Caused by: javax.net.ssl.SSLHandshakeException: no cipher suites in common
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:365)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:321)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
at java.base/sun.security.ssl.ServerHello$T12ServerHelloProducer.chooseCipherSuite(ServerHello.java:471)
at java.base/sun.security.ssl.ServerHello$T12ServerHelloProducer.produce(ServerHello.java:297)
at java.base/sun.security.ssl.SSLHandshake.produce(SSLHandshake.java:440)
at java.base/sun.security.ssl.ClientHello$T12ClientHelloConsumer.consume(ClientHello.java:1109)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.onClientHello(ClientHello.java:842)
at java.base/sun.security.ssl.ClientHello$ClientHelloConsumer.consume(ClientHello.java:801)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:396)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:480)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1277)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask$DelegatedAction.run(SSLEngineImpl.java:1264)
at java.base/java.security.AccessController.doPrivileged(AccessController.java:712)
at java.base/sun.security.ssl.SSLEngineImpl$DelegatedTask.run(SSLEngineImpl.java:1209)
at gemfire//io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1691)
at gemfire//io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1537)
at gemfire//io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1378)
at gemfire//io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1427)
at gemfire//io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:530)
at gemfire//io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:469)

Cause

This issue is very obviously and it was caused by the cert itself.

 

 

Resolution

Follow the guide and recreate the Java cert:

https://techdocs.broadcom.com/us/en/vmware-tanzu/data-solutions/tanzu-gemfire/10-1/gf/managing-security-ssl_example.html

Powered by Wolken Software