Bug 1308926 - Web HTTPS connector with AECDH cipher string offers no cipher suites
Web HTTPS connector with AECDH cipher string offers no cipher suites
Status: NEW
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web (Show other bugs)
Unspecified Unspecified
unspecified Severity low
: ---
: ---
Assigned To: jboss-set
Ondrej Kotek
Depends On:
  Show dependency treegraph
Reported: 2016-02-16 08:26 EST by Ondrej Kotek
Modified: 2016-02-16 08:26 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ondrej Kotek 2016-02-16 08:26:45 EST
Description of problem:
Having set AECDH cipher string to Web HTTPS connector, the HTTPS connector service offers no cipher suites for handshake.

How reproducible:
Set AECDH cipher string as cipher suite of Web HTTPS connector. Start server. Try handshake with HTTPS connector.

    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" enabled="true">
        <ssl key-alias="javaserver" password="tomcat" certificate-key-file="/path-to/server-cert-key-rsa.jks" cipher-suite="AECDH" verify-client="false" certificate-file="/path-to/server-cert-key-rsa.jks" ca-certificate-file="/path-to/ca-cert.jks"/>

Actual results:
Handshake fails because there are no cipher suites offered by server.

Expected results:
Handshake succeeds and an AECDH cipher suite is used for communication.

Additional info:
It works with concrete AECDH cipher suites: "AECDH-AES256-SHA:AECDH-DES-CBC3-SHA:AECDH-AES128-SHA:AECDH-RC4-SHA:AECDH-NULL-SHA".

Note You need to log in before you can comment on or make changes to this bug.