Hello Girish, Girish Vasmatkar <girish.vasmat...@hotwaxsystems.com> writes:
> I tried reproducing the issue you're facing with GNU Icecat by providing > the exact cipher suites (that Icecat seems to present in the logs) to my > local OFBiz installation. However, the handshake seems to be working for me. > > There seems to be no issue with respect to the protocol version used. It is > all coming down to the fact that Icecat and OFBiz jvm can't settle down on > the cipher suite to choose. As for Epiphany, I could see common cipher > suites sent by both Icecat and Epiphany and yet OFBiz denying handshake. > > I'll see if there is more I can extract out of the logs but at the moment I > can't think of a proper solution here apart from installing JCE Unlimited > Strength in the JVM and see if you can get the handshake working. It seems like the issue is coming from the java implementation I am using which is icedtea 3.7 [1]. I tried with OpenJDK 10 which is available on my distro and the SSL handshake issue dissapeared. With OFBiz going to upgrade to Java 11, I think this issue doesn't worth the effort of investigating further. Thank you very much for investigating. [1] https://icedtea.classpath.org/wiki/Main_Page -- Mathieu Lirzin GPG: F2A3 8D7E EB2B 6640 5761 070D 0ADE E100 9460 4D37