Looking here: https://www.ibm.com/support/knowledgecenter/en/SSYKE2_8.0.0/com.ibm.java.security.component.80.doc/security-component/jsse2Docs/matchsslcontext_tls.html
I added -Dcom.ibm.jsse2.overrideDefaultTLS=true to the launch of my Jetty server and much joy resulted. Lou. On Wed, Mar 14, 2018 at 2:45 PM, Lothar Kimmeringer <[email protected]> wrote: > > > Am 14.03.2018 um 17:53 schrieb Silvio Bierman: > >> Those are ciphers for the SSL protocol instead of TLS. You do not want to >> use those... >> > > I'm not defending IBM here for their decision to follow the NIH-principle. > The ciphers are for TLS, the session where this trace came from was an > OFTP2-connection that is restricted to TLS and was using TLSv1.2 for the > handshake: > > OFTP TLS-ReceiveThread2 (Thread nr. 6, for server-socket listening on > address /x.x.x.x on port 6619), READ: TLSv1.2 Handshake, length = 181 > JsseJCE: Using AlgorithmParameters EC from provider IBMJCE version 1.8 > JsseJCE: Using AlgorithmParameters EC from provider IBMJCE version 1.8 > JsseJCE: Using AlgorithmParameters EC from provider IBMJCE version 1.8 > JsseJCE: Using AlgorithmParameters EC from provider IBMJCE version 1.8 > *** ClientHello, TLSv1.2 > RandomCookie: GMT: 1491538846 bytes = { 239, 0, 205, 234, 239, 135, 27, > 62, 91, 187, 205, 216, 254, 230, 62, 170, 127, 69, 1, 60, 88, 75, 88, 14, > 181, 116, 137, 40 } > Session ID: {} > Cipher Suites: > [...] > > The corresponding Wireshark trace showed the cipher-list with the names > you're used to, so there really are no SSL-ciphers here, "just" a > different naming scheme. > > > > Cheers, Lothar > _______________________________________________ > jetty-users mailing list > [email protected] > To change your delivery options, retrieve your password, or unsubscribe > from this list, visit > https://dev.eclipse.org/mailman/listinfo/jetty-users >
_______________________________________________ jetty-users mailing list [email protected] To change your delivery options, retrieve your password, or unsubscribe from this list, visit https://dev.eclipse.org/mailman/listinfo/jetty-users
