https://bz.apache.org/bugzilla/show_bug.cgi?id=62748
--- Comment #18 from Christopher Schultz <ch...@christopherschultz.net> --- When using my ssltest tool[1] with OpenJDK 11, I get the following output when configured with protocols="TLSv1.2+TLSv1.3": Host [localhost] resolves to addresses [127.0.0.1], [0:0:0:0:0:0:0:1] Auto-detected client-supported protocols: [DTLSv1.0, DTLSv1.2, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3] Testing server localhost:8443 Supported Protocol Cipher Accepted TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 Accepted TLSv1.2 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 Accepted TLSv1.2 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 Accepted TLSv1.2 TLS_DHE_RSA_WITH_AES_128_CBC_SHA Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 Accepted TLSv1.2 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 Accepted TLSv1.2 TLS_DHE_RSA_WITH_AES_256_CBC_SHA Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Accepted TLSv1.3 TLS_AES_128_GCM_SHA256 Accepted TLSv1.3 TLS_AES_256_GCM_SHA384 Given this client's capabilities ([DTLSv1.0, DTLSv1.2, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3]), the server prefers protocol=TLSv1.3, cipher=TLS_AES_128_GCM_SHA256 Note that ssltest only performs a TLS handshake and does not attempt to communicate using HTTP over that connection. [1] https://github.com/ChristopherSchultz/ssltest -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
