Bug 1309328 - Web HTTPS connector with TLSv1 cipher string offers no cipher suites on IBM JDK
Web HTTPS connector with TLSv1 cipher string offers no cipher suites on IBM JDK
Status: NEW
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web (Show other bugs)
Unspecified Unspecified
unspecified Severity low
: ---
: ---
Assigned To: jboss-set
Ondrej Kotek
Depends On:
  Show dependency treegraph
Reported: 2016-02-17 08:31 EST by Ondrej Kotek
Modified: 2016-02-17 08:31 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Ondrej Kotek 2016-02-17 08:31:26 EST
Description of problem:
Having set TLSv1 cipher string to Web HTTPS connector, the HTTPS connector service offers no cipher suites for handshake on IBM JDK.

How reproducible:
Set TLSv1 cipher string as cipher suite of Web HTTPS connector. Start server. Try handshake with HTTPS connector.

    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" enabled="true">
        <ssl key-alias="javaserver" password="tomcat" certificate-key-file="/path-to/server-cert-key-rsa.jks" cipher-suite="TLSv1" verify-client="false" certificate-file="/path-to/server-cert-key-rsa.jks" ca-certificate-file="/path-to/ca-cert.jks"/>

Actual results:
Handshake fails because there are no cipher suites offered by server.

Expected results:
Handshake succeeds and an TLSv1 cipher suite is used for communication.

Additional info:
It works with concrete TLSv1 cipher suites.

Note You need to log in before you can comment on or make changes to this bug.