-
Bug
-
Resolution: Not an Issue
-
P3
-
None
-
7u131
1. jdk 7u131 used by client and server, all on the same machine
2. unlimited policy
3. WLS server 10.3.6
4. Client is SSLTest.java with options
/refresh/home/oracle/jdk1.7.0_131/bin/java -classpath . SSLTest -enabledprotocols TLSv1.2
5. jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DESede, DES, \
SHA1, DH keySize < 768, EC keySize < 224
Could you please explain why strong ciphers are not available ?
Now I have following available:
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Accepted TLSv1.2 TLS_RSA_WITH_AES_256_CBC_SHA256
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Accepted TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA256
As per documentation
http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider
I would expect to see also following ciphers
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Please advise why they are not available ?
stack trace seen on client endpoint :
> Caused By: javax.net.ssl.SSLHandshakeException: no cipher suites in common
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
> at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1639)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:281)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:269)
> at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:969) ****
> at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:683)
> at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:222)
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
> at sun.security.ssl.Handshaker$1.run(Handshaker.java:853)
> at sun.security.ssl.Handshaker$1.run(Handshaker.java:851)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1285)
> at weblogic.socket.JSSEFilterImpl.doTasks(JSSEFilterImpl.java:191)
2. unlimited policy
3. WLS server 10.3.6
4. Client is SSLTest.java with options
/refresh/home/oracle/jdk1.7.0_131/bin/java -classpath . SSLTest -enabledprotocols TLSv1.2
5. jdk.tls.disabledAlgorithms=SSLv3, MD5withRSA, DESede, DES, \
SHA1, DH keySize < 768, EC keySize < 224
Could you please explain why strong ciphers are not available ?
Now I have following available:
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Accepted TLSv1.2 TLS_RSA_WITH_AES_256_CBC_SHA256
Accepted TLSv1.2 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Accepted TLSv1.2 TLS_RSA_WITH_AES_128_CBC_SHA256
As per documentation
http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider
I would expect to see also following ciphers
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Please advise why they are not available ?
stack trace seen on client endpoint :
> Caused By: javax.net.ssl.SSLHandshakeException: no cipher suites in common
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
> at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1639)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:281)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:269)
> at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:969) ****
> at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:683)
> at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:222)
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
> at sun.security.ssl.Handshaker$1.run(Handshaker.java:853)
> at sun.security.ssl.Handshaker$1.run(Handshaker.java:851)
> at java.security.AccessController.doPrivileged(Native Method)
> at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1285)
> at weblogic.socket.JSSEFilterImpl.doTasks(JSSEFilterImpl.java:191)