Bug 1309328 - Web HTTPS connector with TLSv1 cipher string offers no cipher suites on IBM JDK
Summary: Web HTTPS connector with TLSv1 cipher string offers no cipher suites on IBM JDK
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web
Version: 6.3.3
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: ---
: ---
Assignee: jboss-set
QA Contact: Ondrej Kotek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-02-17 13:31 UTC by Ondrej Kotek
Modified: 2019-03-01 12:28 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-03-01 12:28:53 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Ondrej Kotek 2016-02-17 13:31:26 UTC
Description of problem:
Having set TLSv1 cipher string to Web HTTPS connector, the HTTPS connector service offers no cipher suites for handshake on IBM JDK.

How reproducible:
Set TLSv1 cipher string as cipher suite of Web HTTPS connector. Start server. Try handshake with HTTPS connector.

    <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" enabled="true">
        <ssl key-alias="javaserver" password="tomcat" certificate-key-file="/path-to/server-cert-key-rsa.jks" cipher-suite="TLSv1" verify-client="false" certificate-file="/path-to/server-cert-key-rsa.jks" ca-certificate-file="/path-to/ca-cert.jks"/>
    </connector>


Actual results:
Handshake fails because there are no cipher suites offered by server.

Expected results:
Handshake succeeds and an TLSv1 cipher suite is used for communication.

Additional info:
It works with concrete TLSv1 cipher suites.


Note You need to log in before you can comment on or make changes to this bug.