https://community.cisco.com/t5/network-security/java-ssl-exception-accessing-asdm/m-p/3905637#M24963 <P>Hi Alan,&nbsp;</P><P>&nbsp;</P><P>Thanks for your reply.</P><P>Here is the config information you wanted to verify.&nbsp;</P><P class="p1">Cheers.</P><P class="p1">&nbsp;</P><P class="p1">sh run http</P><P class="p1">http server enable</P><P class="p1">http 172.16.1.0 255.255.255.0 INSIDE</P><P class="p1">http 172.17.0.0 255.255.0.0 INSIDE</P><P class="p1">http 172.16.0.0 255.255.0.0 OUTSIDE</P><P class="p1">http authentication-certificate OUTSIDE</P><P class="p2">&nbsp;</P><P class="p2">&nbsp;</P><P class="p1">sh run</P><P class="p1">: Saved</P><P class="p1">:</P><P class="p1">: Hardware: <SPAN class="Apple-converted-space">&nbsp; </SPAN>ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz</P><P class="p1">:</P><P class="p1">ASA Version 9.1(6)11</P><P class="p1">!</P><P class="p1">boot system disk0:/asa916-11-k8-guest.bin</P><P class="p1">&nbsp;</P><P class="p1">interface Ethernet0/0</P><P class="p1">nameif OUTSIDE</P><P class="p1">security-level 0</P><P class="p1">ip address dhcp</P><P class="p1">!</P><P class="p1">interface Ethernet0/1</P><P class="p1">shutdown</P><P class="p1">nameif INSIDE</P><P class="p1">security-level 100</P><P class="p1">ip address 10.0.0.1 255.255.255.0</P><P class="p2">&nbsp;</P><P class="p1">user-identity default-domain LOCAL</P><P class="p1">aaa authentication ssh console LOCAL</P><P class="p1">http server enable</P><P class="p1">http 172.16.1.0 255.255.255.0 INSIDE</P><P class="p1">http 172.17.0.0 255.255.0.0 INSIDE</P><P class="p1">http 172.16.0.0 255.255.0.0 OUTSIDE</P><P class="p1">http authentication-certificate OUTSIDE</P><P class="p1">no snmp-server location</P><P class="p1">no snmp-server contact</P><P class="p1">snmp-server enable traps snmp authentication linkup linkdown coldstart</P><P class="p1">crypto ipsec security-association pmtu-aging infinite</P><P class="p1">crypto ca trustpoint canewall</P><P class="p1">crl configure</P><P class="p1">crypto ca trustpool policy</P><P class="p1">telnet 172.16.0.0 255.255.255.0 OUTSIDE</P><P class="p1">telnet 172.16.0.0 255.255.0.0 OUTSIDE</P><P class="p1">telnet timeout 5</P><P class="p1">no ssh stricthostkeycheck</P><P class="p1">ssh 172.17.0.0 255.255.0.0 OUTSIDE</P><P class="p1">ssh timeout 5</P><P class="p1">ssh key-exchange group dh-group1-sha1</P><P class="p2">&nbsp;</P> Thu, 08 Aug 2019 21:57:30 GMT Jcane1 2019-08-08T21:57:30Z https://community.cisco.com/t5/network-security/java-ssl-exception-accessing-asdm/m-p/3904045#M24961 <P>Greetings everyone,&nbsp;</P><P>&nbsp;</P><P>I have hit a wall on getting into ASDM on my ASA 5510 and need some wisdom on how to get this knocked out.&nbsp;</P><P>&nbsp;</P><P>So far I have configured the http server and have downloaded ASDM, when launching ASDM Java is throwing an SSL exception that I cant interpret. I have added the ASDM URL to the trusted sites list and downloaded the device cert and added it to the java certificates panel.</P><P>&nbsp;</P><P>Any guidance would be greatly appreciated.</P><P>&nbsp;</P><P>Java version (java --version) Mac OS 10.14.5</P><P class="p1"><SPAN class="s1">java 12.0.2 2019-07-16</SPAN></P><P class="p1"><SPAN class="s1">Java(TM) SE Runtime Environment (build 12.0.2+10)</SPAN></P><P class="p1">&nbsp;</P><P class="p1"><SPAN class="s1">Exception:</SPAN></P><P class="p1"><SPAN class="s1">javax.net.ssl.SSLException: java.lang.NullPointerException<BR />at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)<BR />at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)<BR />at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1903)<BR />at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1886)<BR />at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1402)<BR />at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)<BR />at sun.net.<A href="http://www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559" target="_blank">www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559</A>)<BR />at sun.net.<A href="http://www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185" target="_blank">www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185</A>)<BR />at sun.net.<A href="http://www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1570" target="_blank">www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1570</A>)<BR />at sun.net.<A href="http://www.protocol.http.HttpURLConnection.access$200(HttpURLConnection.java:92" target="_blank">www.protocol.http.HttpURLConnection.access$200(HttpURLConnection.java:92</A>)<BR />at sun.net.<A href="http://www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1490" target="_blank">www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1490</A>)<BR />at sun.net.<A href="http://www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1488" target="_blank">www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1488</A>)<BR />at java.security.AccessController.doPrivileged(Native Method)<BR />at java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:784)<BR />at sun.net.<A href="http://www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1487" target="_blank">www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1487</A>)<BR />at sun.net.<A href="http://www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:268" target="_blank">www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:268</A>)<BR />at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)<BR />at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)<BR />at com.sun.deploy.net.BasicHttpRequest.doHeadRequestEX(Unknown Source)<BR />at com.sun.deploy.cache.ResourceProviderImpl.checkUpdateAvailable(Unknown Source)<BR />at com.sun.deploy.cache.ResourceProviderImpl.isUpdateAvailable(Unknown Source)<BR />at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)<BR />at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)<BR />at com.sun.javaws.Launcher.updateFinalLaunchDesc(Unknown Source)<BR />at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)<BR />at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)<BR />at com.sun.javaws.Launcher.launch(Unknown Source)<BR />at com.sun.javaws.Main.launchApp(Unknown Source)<BR />at com.sun.javaws.Main.continueInSecureThread(Unknown Source)<BR />at com.sun.javaws.Main.access$000(Unknown Source)<BR />at com.sun.javaws.Main$1.run(Unknown Source)<BR />at java.lang.Thread.run(Thread.java:748)<BR />Caused by: java.lang.NullPointerException<BR />at com.sun.deploy.security.X509DeployKeyManager.chooseClientAlias(Unknown Source)<BR />at sun.security.ssl.AbstractKeyManagerWrapper.chooseClientAlias(SSLContextImpl.java:1336)<BR />at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:868)<BR />at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:369)<BR />at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)<BR />at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)<BR />at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)<BR />at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)<BR />at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)<BR />... 27 more<BR /></SPAN></P> Tue, 06 Aug 2019 18:53:12 GMT https://community.cisco.com/t5/network-security/java-ssl-exception-accessing-asdm/m-p/3904045#M24961 Jcane1 2019-08-06T18:53:12Z https://community.cisco.com/t5/network-security/java-ssl-exception-accessing-asdm/m-p/3904266#M24962 <P>Some more information...</P><P>Can we see the basics? On the ASA;<BR />show run http<BR />show run asdm</P><P>show version</P><P>What is the asdm version uploaded to the device?</P> Wed, 07 Aug 2019 04:11:33 GMT https://community.cisco.com/t5/network-security/java-ssl-exception-accessing-asdm/m-p/3904266#M24962 Alan Ng'ethe 2019-08-07T04:11:33Z https://community.cisco.com/t5/network-security/java-ssl-exception-accessing-asdm/m-p/3905637#M24963 <P>Hi Alan,&nbsp;</P><P>&nbsp;</P><P>Thanks for your reply.</P><P>Here is the config information you wanted to verify.&nbsp;</P><P class="p1">Cheers.</P><P class="p1">&nbsp;</P><P class="p1">sh run http</P><P class="p1">http server enable</P><P class="p1">http 172.16.1.0 255.255.255.0 INSIDE</P><P class="p1">http 172.17.0.0 255.255.0.0 INSIDE</P><P class="p1">http 172.16.0.0 255.255.0.0 OUTSIDE</P><P class="p1">http authentication-certificate OUTSIDE</P><P class="p2">&nbsp;</P><P class="p2">&nbsp;</P><P class="p1">sh run</P><P class="p1">: Saved</P><P class="p1">:</P><P class="p1">: Hardware: <SPAN class="Apple-converted-space">&nbsp; </SPAN>ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz</P><P class="p1">:</P><P class="p1">ASA Version 9.1(6)11</P><P class="p1">!</P><P class="p1">boot system disk0:/asa916-11-k8-guest.bin</P><P class="p1">&nbsp;</P><P class="p1">interface Ethernet0/0</P><P class="p1">nameif OUTSIDE</P><P class="p1">security-level 0</P><P class="p1">ip address dhcp</P><P class="p1">!</P><P class="p1">interface Ethernet0/1</P><P class="p1">shutdown</P><P class="p1">nameif INSIDE</P><P class="p1">security-level 100</P><P class="p1">ip address 10.0.0.1 255.255.255.0</P><P class="p2">&nbsp;</P><P class="p1">user-identity default-domain LOCAL</P><P class="p1">aaa authentication ssh console LOCAL</P><P class="p1">http server enable</P><P class="p1">http 172.16.1.0 255.255.255.0 INSIDE</P><P class="p1">http 172.17.0.0 255.255.0.0 INSIDE</P><P class="p1">http 172.16.0.0 255.255.0.0 OUTSIDE</P><P class="p1">http authentication-certificate OUTSIDE</P><P class="p1">no snmp-server location</P><P class="p1">no snmp-server contact</P><P class="p1">snmp-server enable traps snmp authentication linkup linkdown coldstart</P><P class="p1">crypto ipsec security-association pmtu-aging infinite</P><P class="p1">crypto ca trustpoint canewall</P><P class="p1">crl configure</P><P class="p1">crypto ca trustpool policy</P><P class="p1">telnet 172.16.0.0 255.255.255.0 OUTSIDE</P><P class="p1">telnet 172.16.0.0 255.255.0.0 OUTSIDE</P><P class="p1">telnet timeout 5</P><P class="p1">no ssh stricthostkeycheck</P><P class="p1">ssh 172.17.0.0 255.255.0.0 OUTSIDE</P><P class="p1">ssh timeout 5</P><P class="p1">ssh key-exchange group dh-group1-sha1</P><P class="p2">&nbsp;</P> Thu, 08 Aug 2019 21:57:30 GMT https://community.cisco.com/t5/network-security/java-ssl-exception-accessing-asdm/m-p/3905637#M24963 Jcane1 2019-08-08T21:57:30Z