> On Jun 14, 2016, at 7:04 PM, Greg Wilkins wrote:
>
> If SslEngine is changed to allow the negotiated application protocol to be
> set up until the time the hello response was wrapped, that would fix the
> problem. Would it create any others?
Well the fundamental issue is that the applica
> On Jun 14, 2016, at 8:58 AM, Simone Bordet wrote:
>
> During the unwrap(), the JDK implementation picks a cipher based on
> the JDK logic.
> In particular, in my case, I had a keystore with a certificate that
> was *not* ECDSA.
> If, in the snippet above, I set more than one cipher on the
> S
