Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1167
Views
0
Helpful
2
Replies

Java SSL exception accessing ASDM

Jcane1
Level 1
Level 1

‎08-06-2019 11:53 AM

Greetings everyone, 

 

I have hit a wall on getting into ASDM on my ASA 5510 and need some wisdom on how to get this knocked out. 

 

So far I have configured the http server and have downloaded ASDM, when launching ASDM Java is throwing an SSL exception that I cant interpret. I have added the ASDM URL to the trusted sites list and downloaded the device cert and added it to the java certificates panel.

 

Any guidance would be greatly appreciated.

 

Java version (java --version) Mac OS 10.14.5

java 12.0.2 2019-07-16

Java(TM) SE Runtime Environment (build 12.0.2+10)

 

Exception:

javax.net.ssl.SSLException: java.lang.NullPointerException
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1903)
at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1886)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1402)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1570)
at sun.net.www.protocol.http.HttpURLConnection.access$200(HttpURLConnection.java:92)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1490)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1488)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:784)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1487)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:268)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doHeadRequestEX(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.checkUpdateAvailable(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.isUpdateAvailable(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.javaws.Launcher.updateFinalLaunchDesc(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.lang.NullPointerException
at com.sun.deploy.security.X509DeployKeyManager.chooseClientAlias(Unknown Source)
at sun.security.ssl.AbstractKeyManagerWrapper.chooseClientAlias(SSLContextImpl.java:1336)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:868)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:369)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
... 27 more

Labels:
0 Helpful
2 Replies 2

Alan Ng'ethe
Level 3
Level 3

‎08-06-2019 09:11 PM

Some more information...

Can we see the basics? On the ASA;
show run http
show run asdm

show version

What is the asdm version uploaded to the device?

Remember to rate helpful posts and/or mark as a solution if your issue is resolved.
0 Helpful

Jcane1
Level 1
Level 1
In response to Alan Ng'ethe

‎08-08-2019 02:57 PM

Hi Alan, 

 

Thanks for your reply.

Here is the config information you wanted to verify. 

Cheers.

 

sh run http

http server enable

http 172.16.1.0 255.255.255.0 INSIDE

http 172.17.0.0 255.255.0.0 INSIDE

http 172.16.0.0 255.255.0.0 OUTSIDE

http authentication-certificate OUTSIDE

 

 

sh run

: Saved

:

: Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz

:

ASA Version 9.1(6)11

!

boot system disk0:/asa916-11-k8-guest.bin

 

interface Ethernet0/0

nameif OUTSIDE

security-level 0

ip address dhcp

!

interface Ethernet0/1

shutdown

nameif INSIDE

security-level 100

ip address 10.0.0.1 255.255.255.0

 

user-identity default-domain LOCAL

aaa authentication ssh console LOCAL

http server enable

http 172.16.1.0 255.255.255.0 INSIDE

http 172.17.0.0 255.255.0.0 INSIDE

http 172.16.0.0 255.255.0.0 OUTSIDE

http authentication-certificate OUTSIDE

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

crypto ipsec security-association pmtu-aging infinite

crypto ca trustpoint canewall

crl configure

crypto ca trustpool policy

telnet 172.16.0.0 255.255.255.0 OUTSIDE

telnet 172.16.0.0 255.255.0.0 OUTSIDE

telnet timeout 5

no ssh stricthostkeycheck

ssh 172.17.0.0 255.255.0.0 OUTSIDE

ssh timeout 5

ssh key-exchange group dh-group1-sha1

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card