Description of problem: There are 5 ADH cipher suites that are not recognized by HTTPS connector (listener does not start). Namely: EXP-ADH-DES-CBC-SHA, ADH-DES-CBC-SHA, ADH-DES-CBC3-SHA, EXP-ADH-RC4-MD5, ADH-RC4-MD5. How reproducible: Set given cipher suite to Web HTTPS connector. Start server. <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" enabled="true"> <ssl key-alias="javaserver" password="tomcat" certificate-key-file="/path-to/server-cert-key-rsa.jks" cipher-suite="EXP-ADH-DES-CBC-SHA" verify-client="false" certificate-file="/path-to/server-cert-key-rsa.jks" ca-certificate-file="/path-to/ca-cert.jks"/> </connector> Actual results: ERROR [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-2) JBWEB003043: Error initializing endpoint: java.io.IOException: JBWEB002081: No cipher match ... ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.web.connector.https: org.jboss.msc.service.StartException in service jboss.web.connector.https: JBAS018007: Error starting web connector Expected results: HTTPS connector service starts.
The 5 cipher suites named above are the only that are supported by IBM JDK for "aNULL" and "ADH" cipher strings. Hence the cipher strings are also not recognized by HTTPS connector on IBM JDK (causes the same error described above).