I have purchased a new certificate from digicert. Created a new Keystore and Truststore and installed the certificates into the new stores.
Server is windows 2019 VM server, in Microsoft Azure
I then edited the # Spectrum HTTP settings as below
# Spectrum HTTP settings
################################################################################
spectrum.http.default.protocol=https
#spectrum.http.enabled=true
#spectrum.http.port=8080
spectrum.https.enabled=true
spectrum.https.port=8443
spectrum.https.encryption.keystoreType=pkcs12
spectrum.https.encryption.keystore=../conf/certs/Ararat-keystore.p12
spectrum.https.encryption.keystorePassword=xxxxxxx
spectrum.https.encryption.keystoreAlias=spectrum
spectrum.https.encryption.truststoreType=pkcs12
spectrum.https.encryption.truststore=../conf/certs/Ararat-truststore.p12
and also the ssl settings as below.
# Spectrum ssl settings
################################################################################
spectrum.encryption.enabled=false
spectrum.encryption.algorithm=JASYPT
spectrum.encryption.keystoreAlias=spectrum
spectrum.encryption.keystoreType=pkcs12
spectrum.encryption.keystore=../conf/certs/Ararat-keystore.p12
spectrum.encryption.keystorePassword=xxxxxxxx
spectrum.encryption.truststoreType=pkcs12
spectrum.encryption.truststore=../conf/certs/Ararat-truststore.p12
spectrum.encryption.truststorePassword=xxxxxxxx
spectrum.encryption.validateCerts=true
spectrum.encryption.trustAllHosts=false
spectrum.encryption.selfSignedCert=false
spectrum.https.encryption.truststorePassword=xxxxxxx
spectrum.https.encryption.validateCerts=false
spectrum.https.encryption.selfSignedCert=false
spectrum.https.encryption.trustAllHosts=false
I also edited the the runtime settings
# Spectrum runtime settings
################################################################################
spectrum.runtime.hostname=GIS.ararat.vic.gov.au
spectrum.runtime.port=8443
when I test the certificate with a browser I get an error "Error code: SSL_ERROR_NO_CYPHER_OVERLAP"
When I test the certificate with the Digicert tool I get an error "a valid handshake could not be established"
I have installed the certificate on several other windows servers including the confirm server using IIS and it works fine with no issues.
I have no idea whats going on here and can't seem to find a cure.
Has anyone get any ideas on what to look at to fix the problem???
Much appreciate any help I can get with this issue.
------------------------------
Russell Ferguson
Ararat Rural City Council
Ararat VIC
------------------------------