Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

421
Views
0
Helpful
2
Replies
Highlighted
Jcane1
Beginner
Beginner
‎08-06-2019 11:53 AM
‎08-06-2019 11:53 AM

Java SSL exception accessing ASDM

Greetings everyone, 

 

I have hit a wall on getting into ASDM on my ASA 5510 and need some wisdom on how to get this knocked out. 

 

So far I have configured the http server and have downloaded ASDM, when launching ASDM Java is throwing an SSL exception that I cant interpret. I have added the ASDM URL to the trusted sites list and downloaded the device cert and added it to the java certificates panel.

 

Any guidance would be greatly appreciated.

 

Java version (java --version) Mac OS 10.14.5

java 12.0.2 2019-07-16

Java(TM) SE Runtime Environment (build 12.0.2+10)

 

Exception:

javax.net.ssl.SSLException: java.lang.NullPointerException
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1903)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1886)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1402)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1570)
at sun.net.www.protocol.http.HttpURLConnection.access$200(HttpURLConnection.java:92)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1490)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1488)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:784)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1487)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:268)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doHeadRequestEX(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.checkUpdateAvailable(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.isUpdateAvailable(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.javaws.Launcher.updateFinalLaunchDesc(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.NullPointerException
at com.sun.deploy.security.X509DeployKeyManager.chooseClientAlias(Unknown Source)
at sun.security.ssl.AbstractKeyManagerWrapper.chooseClientAlias(SSLContextImpl.java:1336)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:868)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:369)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
... 27 more

Labels:
0 Helpful
Reply
2 REPLIES 2
Highlighted
Alan Ng'ethe
Participant
Participant
‎08-06-2019 09:11 PM
‎08-06-2019 09:11 PM

Some more information...

Can we see the basics? On the ASA;
show run http
show run asdm

show version

What is the asdm version uploaded to the device?

Remember to rate helpful posts and/or mark as a solution if your issue is resolved.
0 Helpful
Reply
Highlighted
Jcane1
Beginner
Beginner
In response to Alan Ng'ethe
‎08-08-2019 02:57 PM
‎08-08-2019 02:57 PM

Hi Alan, 

 

Thanks for your reply.

Here is the config information you wanted to verify. 

Cheers.

 

sh run http

http server enable

http 172.16.1.0 255.255.255.0 INSIDE

http 172.17.0.0 255.255.0.0 INSIDE

http 172.16.0.0 255.255.0.0 OUTSIDE

http authentication-certificate OUTSIDE

 

 

sh run

: Saved

:

: Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz

:

ASA Version 9.1(6)11

!

boot system disk0:/asa916-11-k8-guest.bin

 

interface Ethernet0/0

nameif OUTSIDE

security-level 0

ip address dhcp

!

interface Ethernet0/1

shutdown

nameif INSIDE

security-level 100

ip address 10.0.0.1 255.255.255.0

 

user-identity default-domain LOCAL

aaa authentication ssh console LOCAL

http server enable

http 172.16.1.0 255.255.255.0 INSIDE

http 172.17.0.0 255.255.0.0 INSIDE

http 172.16.0.0 255.255.0.0 OUTSIDE

http authentication-certificate OUTSIDE

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

crypto ipsec security-association pmtu-aging infinite

crypto ca trustpoint canewall

crl configure

crypto ca trustpool policy

telnet 172.16.0.0 255.255.255.0 OUTSIDE

telnet 172.16.0.0 255.255.0.0 OUTSIDE

telnet timeout 5

no ssh stricthostkeycheck

ssh 172.17.0.0 255.255.0.0 OUTSIDE

ssh timeout 5

ssh key-exchange group dh-group1-sha1

 

0 Helpful
Reply
Latest Contents
How to: Integrate Cisco ISE MDM with Microsoft Intune
Created by pavagupt on 11-23-2020 01:54 AM
0
5
0
5
IntroductionMicrosoft Azure Intune IntegrationCisco ISE ConfigurationVerification Introduction             Mobile Device Management (MDM) servers secure, monitor, manage, and support mobile devices de... view more
Cyberattacks are on the Rise - Secure your Digital Experienc...
Created by carbaker on 11-19-2020 11:49 AM
0
0
0
0
Cyberattacks are more sophisticated than ever and your online presence has never been more critical to the success of your business.  Cisco, through its OEM partnership with Radware, can help secure your digital future by continuously monitoring... view more
Smart identifier: Credit Card Number not detecting 4 digit b...
Created by ScottLoveland8675309 on 11-18-2020 11:19 AM
0
0
0
0
We have a filter that blocks incoming messages with credit card numbers. But it won't pick up on messages with 4 digit blocks on separate lines. Example:1234567890123456 Any suggestion on how to detect this pattern? 
SecureX Frequently Asked Questions
Created by adisanka on 11-17-2020 12:16 PM
0
5
0
5
IntroductionMicrosoft Azure Intune IntegrationCisco ISE ConfigurationVerification   General Which Cisco Secure products include access to SecureX? Eventually, all will. At the current time, a license to any of the following products grants immediate... view more
iPSK Manager and Forescout Integration
Created by amunozmo on 11-17-2020 11:03 AM
0
0
0
0
Hi,    Do we support integration between iPSK manager and Forescout?    i have a customer with Forescout and they will be refreshing their wireless environment to Catalyst 9800 WLC. However, they would like to leverage iPSK manager for... view more
Content for Community-Ad