https://bz.apache.org/bugzilla/show_bug.cgi?id=67628
--- Comment #12 from Mark Thomas <ma...@apache.org> --- @Markus - suggestions on improving the text of the docs and or the message welcome. I don't think logging this at debug is an option. That the actual ciphers used change depending on which TLS implementation is used potentially has security implications so I think we have to visibly log something. We can log any combination of: - the requested configuration - the list of ciphers the requested configuration maps to - the list of ciphers actually used - the list of ciphers requested but not supported If you want to silence the warning, then you can explicitly list the ciphers you want to use but that has its own drawbacks. I haven't run the default Tomcat TLS configuration against the SSL Labs scanner for a while. I'll do that and see if adjustments are required. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org