Bug 1308926 - Web HTTPS connector with AECDH cipher string offers no cipher suites
Summary: Web HTTPS connector with AECDH cipher string offers no cipher suites
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web
Version: 6.3.3
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: ---
: ---
Assignee: jboss-set
QA Contact: Ondrej Kotek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-02-16 13:26 UTC by Ondrej Kotek
Modified: 2019-03-01 12:29 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-03-01 12:29:06 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Ondrej Kotek 2016-02-16 13:26:45 UTC 
Description of problem:
Having set AECDH cipher string to Web HTTPS connector, the HTTPS connector service offers no cipher suites for handshake.

How reproducible:
Set AECDH cipher string as cipher suite of Web HTTPS connector. Start server. Try handshake with HTTPS connector.

    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" enabled="true">
        <ssl key-alias="javaserver" password="tomcat" certificate-key-file="/path-to/server-cert-key-rsa.jks" cipher-suite="AECDH" verify-client="false" certificate-file="/path-to/server-cert-key-rsa.jks" ca-certificate-file="/path-to/ca-cert.jks"/>
    </connector>


Actual results:
Handshake fails because there are no cipher suites offered by server.

Expected results:
Handshake succeeds and an AECDH cipher suite is used for communication.

Additional info:
It works with concrete AECDH cipher suites: "AECDH-AES256-SHA:AECDH-DES-CBC3-SHA:AECDH-AES128-SHA:AECDH-RC4-SHA:AECDH-NULL-SHA".
Note You need to log in before you can comment on or make changes to this bug.