-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 1/4/14, 6:37 PM, Mark Eggers wrote: > On 1/4/2014 1:18 PM, Christopher Schultz wrote: >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 >> >> Musassir, >> >> On 1/4/14, 4:08 PM, Christopher Schultz wrote: >>> Musassir, >>> >>> On 1/3/14, 5:27 PM, Mudassir Aftab wrote: >>>> Again, we have to submit this as a bug.....TLS 1.2 is not >>>> working in Tomcat >>> >>> Tomcat 7.0.74 Oracle Java 1.7.0_45 tcnative 1.1.29 trunk >>> (essentially 1.2.29 >>> >>> tcnative$ make clean tcnative$ ./configure --with-apr=`which >>> apr-config` --with-java-home=/usr/local/java-7 --with-ssl >>> tcnative$ time make [...] make[1]: Leaving directory >>> `/home/cschultz/projects/tomcat-native-1.1.x/native' >>> >>> real 0m14.790s user 0m15.300s sys 0m1.840s >>> >>> tcnative$ cp -d .libs/* $CATALINA_HOME/bin >>> >>> tcnative$ cd $CATALINA_BASE >>> >>> tomcat$ cat conf/server.xml >>> >>> [...] <Connector port="8218" >>> protocol="org.apache.coyote.http11.Http11AprProtocol" >>> SSLEnabled="true" secure="true" scheme="https" >>> SSLCertificateKeyFile="[...]" SSLCertificateFile="[...]" >>> SSLCertificateChainFile="[...]" SSLProtocol="all" >>> executor="tomcatThreadPool" URIEncoding="UTF-8" /> [...] >>> >>> tomcat$ bin/startup.sh >>> >>> [...] Jan 04, 2014 3:17:26 PM >>> org.apache.catalina.core.AprLifecycleListener init INFO: Loaded >>> APR based Apache Tomcat Native library 1.1.30 using APR version >>> 1.4.6. Jan 04, 2014 3:17:26 PM >>> org.apache.catalina.core.AprLifecycleListener init INFO: APR >>> capabilities: IPv6 [true], sendfile [true], accept filters >>> [false], random [true]. Jan 04, 2014 3:17:26 PM >>> org.apache.catalina.core.AprLifecycleListener initializeSSL >>> INFO: OpenSSL successfully initialized (OpenSSL 1.0.1e 11 Feb >>> 2013) [...] >>> >>> tomcat$ openssl s_client -connect myhost:8218 [...] verify >>> error:num=19:self signed certificate in certificate chain >>> [...] SSL-Session: Protocol : TLSv1.2 Cipher : >>> DHE-RSA-AES256-GCM-SHA384 [...] >>> >>> *disconnect* >>> >>> I can confirm that Mozilla Firefox 26 on Mac OS X 10.9 can >>> connect using TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA cipher. >>> >>> Looks like TLS1.2 works just fine in the default configuration >>> (SSLProtocol="all" is the default). >>> >>> Let's try your configuration. I'm only going to change >>> SSLProtocol from "all" to "TLSv1": >>> >>> <Connector port="8218" >>> protocol="org.apache.coyote.http11.Http11AprProtocol" >>> SSLEnabled="true" secure="true" scheme="https" >>> SSLCertificateKeyFile="[...]" SSLCertificateFile="[...]" >>> SSLCertificateChainFile="[...]" SSLProtocol="TLSv1" >>> executor="tomcatThreadPool" URIEncoding="UTF-8" /> >>> >>> * Restart Tomcat* >>> >>> tomcat$ openssl s_client -connect myhost:8218 [...] >>> SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA >>> [...] >>> >>> Trying again with Firefox 26 give me >>> cipher=TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA. >>> >>> Let's try restricting to only your cipher. Let's make sure that >>> my OpenSSL version supports it, first: >>> >>> tomcat$ openssl ciphers -v | grep ECDHE-ECDSA-AES128-SHA256 >>> ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA >>> Enc=AES(128) Mac=SHA256 >>> >>> >>> Yup. Let's configure it in Tomcat: >>> >>> <Connector port="8218" >>> protocol="org.apache.coyote.http11.Http11AprProtocol" >>> SSLEnabled="true" secure="true" scheme="https" >>> SSLCipherSuite="ECDHE-ECDSA-AES128-SHA256" >>> SSLCertificateKeyFile="[...]" SSLCertificateFile="[...]" >>> SSLCertificateChainFile="[...]" SSLProtocol="TLSv1" >>> executor="tomcatThreadPool" URIEncoding="UTF-8" /> >>> >>> >>> $ openssl s_client -connect myhost:8218 CONNECTED(00000003) >>> 139718306563752:error:14077410:SSL >>> routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake >>> failure:s23_clnt.c:741: >>> >>> $ openssl s_client -tls1 -connect myhost:8218 >>> CONNECTED(00000003) 139965071759016:error:14094410:SSL >>> routines:SSL3_READ_BYTES:sslv3 alert handshake >>> failure:s3_pkt.c:1256:SSL alert number 40 >>> 139965071759016:error:1409E0E5:SSL >>> routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596: >>> >>> $ openssl s_client -tls1_1 -connect myhost:8218 >>> CONNECTED(00000003) 140680041133736:error:1408F10B:SSL >>> routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337: >>> >>> $ openssl s_client -tls1_2 -connect myhost:8218 >>> CONNECTED(00000003) 139976873068200:error:1408F10B:SSL >>> routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337: >>> >>> Firefox also fails with "ssl_error_no_cypher_overlap". >>> >>> $ $ sslscan myhost:8218 _ ___ ___| |___ ___ __ _ _ __ / __/ >>> __| / __|/ __/ _` | '_ \ \__ \__ \ \__ \ (_| (_| | | | | >>> |___/___/_|___/\___\__,_|_| |_| >>> >>> Version 1.8.2 http://www.titania.co.uk Copyright Ian >>> Ventura-Whiting 2009 >>> >>> Testing SSL server myhost on port 8218 >>> >>> Supported Server Cipher(s): Failed SSLv3 256 bits >>> ECDHE-RSA-AES256-GCM-SHA384 Failed SSLv3 256 bits >>> ECDHE-ECDSA-AES256-GCM-SHA384 Failed SSLv3 256 bits >>> ECDHE-RSA-AES256-SHA384 Failed SSLv3 256 bits >>> ECDHE-ECDSA-AES256-SHA384 Rejected SSLv3 256 bits >>> ECDHE-RSA-AES256-SHA Rejected SSLv3 256 bits >>> ECDHE-ECDSA-AES256-SHA Rejected SSLv3 256 bits >>> SRP-DSS-AES-256-CBC-SHA Rejected SSLv3 256 bits >>> SRP-RSA-AES-256-CBC-SHA Failed SSLv3 256 bits >>> DHE-DSS-AES256-GCM-SHA384 Failed SSLv3 256 bits >>> DHE-RSA-AES256-GCM-SHA384 Failed SSLv3 256 bits >>> DHE-RSA-AES256-SHA256 Failed SSLv3 256 bits >>> DHE-DSS-AES256-SHA256 Rejected SSLv3 256 bits >>> DHE-RSA-AES256-SHA Rejected SSLv3 256 bits >>> DHE-DSS-AES256-SHA Rejected SSLv3 256 bits >>> DHE-RSA-CAMELLIA256-SHA Rejected SSLv3 256 bits >>> DHE-DSS-CAMELLIA256-SHA Rejected SSLv3 256 bits >>> AECDH-AES256-SHA Rejected SSLv3 256 bits >>> SRP-AES-256-CBC-SHA Failed SSLv3 256 bits >>> ADH-AES256-GCM-SHA384 Failed SSLv3 256 bits >>> ADH-AES256-SHA256 Rejected SSLv3 256 bits ADH-AES256-SHA >>> Rejected SSLv3 256 bits ADH-CAMELLIA256-SHA Failed SSLv3 >>> 256 bits ECDH-RSA-AES256-GCM-SHA384 Failed SSLv3 256 bits >>> ECDH-ECDSA-AES256-GCM-SHA384 Failed SSLv3 256 bits >>> ECDH-RSA-AES256-SHA384 Failed SSLv3 256 bits >>> ECDH-ECDSA-AES256-SHA384 Rejected SSLv3 256 bits >>> ECDH-RSA-AES256-SHA Rejected SSLv3 256 bits >>> ECDH-ECDSA-AES256-SHA Failed SSLv3 256 bits >>> AES256-GCM-SHA384 Failed SSLv3 256 bits AES256-SHA256 >>> Rejected SSLv3 256 bits AES256-SHA Rejected SSLv3 256 bits >>> CAMELLIA256-SHA Failed SSLv3 256 bits PSK-AES256-CBC-SHA >>> Rejected SSLv3 168 bits ECDHE-RSA-DES-CBC3-SHA Rejected >>> SSLv3 168 bits ECDHE-ECDSA-DES-CBC3-SHA Rejected SSLv3 168 >>> bits SRP-DSS-3DES-EDE-CBC-SHA Rejected SSLv3 168 bits >>> SRP-RSA-3DES-EDE-CBC-SHA Rejected SSLv3 168 bits >>> EDH-RSA-DES-CBC3-SHA Rejected SSLv3 168 bits >>> EDH-DSS-DES-CBC3-SHA Rejected SSLv3 168 bits >>> AECDH-DES-CBC3-SHA Rejected SSLv3 168 bits >>> SRP-3DES-EDE-CBC-SHA Rejected SSLv3 168 bits ADH-DES-CBC3-SHA >>> Rejected SSLv3 168 bits ECDH-RSA-DES-CBC3-SHA Rejected SSLv3 >>> 168 bits ECDH-ECDSA-DES-CBC3-SHA Rejected SSLv3 168 bits >>> DES-CBC3-SHA Failed SSLv3 168 bits PSK-3DES-EDE-CBC-SHA >>> Failed SSLv3 128 bits ECDHE-RSA-AES128-GCM-SHA256 Failed >>> SSLv3 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Failed SSLv3 >>> 128 bits ECDHE-RSA-AES128-SHA256 Failed SSLv3 128 bits >>> ECDHE-ECDSA-AES128-SHA256 Rejected SSLv3 128 bits >>> ECDHE-RSA-AES128-SHA Rejected SSLv3 128 bits >>> ECDHE-ECDSA-AES128-SHA Rejected SSLv3 128 bits >>> SRP-DSS-AES-128-CBC-SHA Rejected SSLv3 128 bits >>> SRP-RSA-AES-128-CBC-SHA Failed SSLv3 128 bits >>> DHE-DSS-AES128-GCM-SHA256 Failed SSLv3 128 bits >>> DHE-RSA-AES128-GCM-SHA256 Failed SSLv3 128 bits >>> DHE-RSA-AES128-SHA256 Failed SSLv3 128 bits >>> DHE-DSS-AES128-SHA256 Rejected SSLv3 128 bits >>> DHE-RSA-AES128-SHA Rejected SSLv3 128 bits >>> DHE-DSS-AES128-SHA Rejected SSLv3 128 bits DHE-RSA-SEED-SHA >>> Rejected SSLv3 128 bits DHE-DSS-SEED-SHA Rejected SSLv3 >>> 128 bits DHE-RSA-CAMELLIA128-SHA Rejected SSLv3 128 bits >>> DHE-DSS-CAMELLIA128-SHA Rejected SSLv3 128 bits >>> AECDH-AES128-SHA Rejected SSLv3 128 bits >>> SRP-AES-128-CBC-SHA Failed SSLv3 128 bits >>> ADH-AES128-GCM-SHA256 Failed SSLv3 128 bits >>> ADH-AES128-SHA256 Rejected SSLv3 128 bits ADH-AES128-SHA >>> Rejected SSLv3 128 bits ADH-SEED-SHA Rejected SSLv3 128 >>> bits ADH-CAMELLIA128-SHA Failed SSLv3 128 bits >>> ECDH-RSA-AES128-GCM-SHA256 Failed SSLv3 128 bits >>> ECDH-ECDSA-AES128-GCM-SHA256 Failed SSLv3 128 bits >>> ECDH-RSA-AES128-SHA256 Failed SSLv3 128 bits >>> ECDH-ECDSA-AES128-SHA256 Rejected SSLv3 128 bits >>> ECDH-RSA-AES128-SHA Rejected SSLv3 128 bits >>> ECDH-ECDSA-AES128-SHA Failed SSLv3 128 bits >>> AES128-GCM-SHA256 Failed SSLv3 128 bits AES128-SHA256 >>> Rejected SSLv3 128 bits AES128-SHA Rejected SSLv3 128 bits >>> SEED-SHA Rejected SSLv3 128 bits CAMELLIA128-SHA Failed >>> SSLv3 128 bits PSK-AES128-CBC-SHA Rejected SSLv3 128 bits >>> ECDHE-RSA-RC4-SHA Rejected SSLv3 128 bits >>> ECDHE-ECDSA-RC4-SHA Rejected SSLv3 128 bits AECDH-RC4-SHA >>> Rejected SSLv3 128 bits ADH-RC4-MD5 Rejected SSLv3 128 bits >>> ECDH-RSA-RC4-SHA Rejected SSLv3 128 bits ECDH-ECDSA-RC4-SHA >>> Rejected SSLv3 128 bits RC4-SHA Rejected SSLv3 128 bits >>> RC4-MD5 Failed SSLv3 128 bits PSK-RC4-SHA Rejected SSLv3 >>> 56 bits EDH-RSA-DES-CBC-SHA Rejected SSLv3 56 bits >>> EDH-DSS-DES-CBC-SHA Rejected SSLv3 56 bits ADH-DES-CBC-SHA >>> Rejected SSLv3 56 bits DES-CBC-SHA Rejected SSLv3 40 bits >>> EXP-EDH-RSA-DES-CBC-SHA Rejected SSLv3 40 bits >>> EXP-EDH-DSS-DES-CBC-SHA Rejected SSLv3 40 bits >>> EXP-ADH-DES-CBC-SHA Rejected SSLv3 40 bits EXP-DES-CBC-SHA >>> Rejected SSLv3 40 bits EXP-RC2-CBC-MD5 Rejected SSLv3 40 >>> bits EXP-ADH-RC4-MD5 Rejected SSLv3 40 bits EXP-RC4-MD5 >>> Rejected SSLv3 0 bits ECDHE-RSA-NULL-SHA Rejected SSLv3 0 >>> bits ECDHE-ECDSA-NULL-SHA Rejected SSLv3 0 bits >>> AECDH-NULL-SHA Rejected SSLv3 0 bits ECDH-RSA-NULL-SHA >>> Rejected SSLv3 0 bits ECDH-ECDSA-NULL-SHA Failed SSLv3 >>> 0 bits NULL-SHA256 Rejected SSLv3 0 bits NULL-SHA >>> Rejected SSLv3 0 bits NULL-MD5 Failed TLSv1 256 bits >>> ECDHE-RSA-AES256-GCM-SHA384 Failed TLSv1 256 bits >>> ECDHE-ECDSA-AES256-GCM-SHA384 Failed TLSv1 256 bits >>> ECDHE-RSA-AES256-SHA384 Failed TLSv1 256 bits >>> ECDHE-ECDSA-AES256-SHA384 Rejected TLSv1 256 bits >>> ECDHE-RSA-AES256-SHA Rejected TLSv1 256 bits >>> ECDHE-ECDSA-AES256-SHA Rejected TLSv1 256 bits >>> SRP-DSS-AES-256-CBC-SHA Rejected TLSv1 256 bits >>> SRP-RSA-AES-256-CBC-SHA Failed TLSv1 256 bits >>> DHE-DSS-AES256-GCM-SHA384 Failed TLSv1 256 bits >>> DHE-RSA-AES256-GCM-SHA384 Failed TLSv1 256 bits >>> DHE-RSA-AES256-SHA256 Failed TLSv1 256 bits >>> DHE-DSS-AES256-SHA256 Rejected TLSv1 256 bits >>> DHE-RSA-AES256-SHA Rejected TLSv1 256 bits >>> DHE-DSS-AES256-SHA Rejected TLSv1 256 bits >>> DHE-RSA-CAMELLIA256-SHA Rejected TLSv1 256 bits >>> DHE-DSS-CAMELLIA256-SHA Rejected TLSv1 256 bits >>> AECDH-AES256-SHA Rejected TLSv1 256 bits >>> SRP-AES-256-CBC-SHA Failed TLSv1 256 bits >>> ADH-AES256-GCM-SHA384 Failed TLSv1 256 bits >>> ADH-AES256-SHA256 Rejected TLSv1 256 bits ADH-AES256-SHA >>> Rejected TLSv1 256 bits ADH-CAMELLIA256-SHA Failed TLSv1 >>> 256 bits ECDH-RSA-AES256-GCM-SHA384 Failed TLSv1 256 bits >>> ECDH-ECDSA-AES256-GCM-SHA384 Failed TLSv1 256 bits >>> ECDH-RSA-AES256-SHA384 Failed TLSv1 256 bits >>> ECDH-ECDSA-AES256-SHA384 Rejected TLSv1 256 bits >>> ECDH-RSA-AES256-SHA Rejected TLSv1 256 bits >>> ECDH-ECDSA-AES256-SHA Failed TLSv1 256 bits >>> AES256-GCM-SHA384 Failed TLSv1 256 bits AES256-SHA256 >>> Rejected TLSv1 256 bits AES256-SHA Rejected TLSv1 256 bits >>> CAMELLIA256-SHA Failed TLSv1 256 bits PSK-AES256-CBC-SHA >>> Rejected TLSv1 168 bits ECDHE-RSA-DES-CBC3-SHA Rejected >>> TLSv1 168 bits ECDHE-ECDSA-DES-CBC3-SHA Rejected TLSv1 168 >>> bits SRP-DSS-3DES-EDE-CBC-SHA Rejected TLSv1 168 bits >>> SRP-RSA-3DES-EDE-CBC-SHA Rejected TLSv1 168 bits >>> EDH-RSA-DES-CBC3-SHA Rejected TLSv1 168 bits >>> EDH-DSS-DES-CBC3-SHA Rejected TLSv1 168 bits >>> AECDH-DES-CBC3-SHA Rejected TLSv1 168 bits >>> SRP-3DES-EDE-CBC-SHA Rejected TLSv1 168 bits ADH-DES-CBC3-SHA >>> Rejected TLSv1 168 bits ECDH-RSA-DES-CBC3-SHA Rejected TLSv1 >>> 168 bits ECDH-ECDSA-DES-CBC3-SHA Rejected TLSv1 168 bits >>> DES-CBC3-SHA Failed TLSv1 168 bits PSK-3DES-EDE-CBC-SHA >>> Failed TLSv1 128 bits ECDHE-RSA-AES128-GCM-SHA256 Failed >>> TLSv1 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Failed TLSv1 >>> 128 bits ECDHE-RSA-AES128-SHA256 Failed TLSv1 128 bits >>> ECDHE-ECDSA-AES128-SHA256 Rejected TLSv1 128 bits >>> ECDHE-RSA-AES128-SHA Rejected TLSv1 128 bits >>> ECDHE-ECDSA-AES128-SHA Rejected TLSv1 128 bits >>> SRP-DSS-AES-128-CBC-SHA Rejected TLSv1 128 bits >>> SRP-RSA-AES-128-CBC-SHA Failed TLSv1 128 bits >>> DHE-DSS-AES128-GCM-SHA256 Failed TLSv1 128 bits >>> DHE-RSA-AES128-GCM-SHA256 Failed TLSv1 128 bits >>> DHE-RSA-AES128-SHA256 Failed TLSv1 128 bits >>> DHE-DSS-AES128-SHA256 Rejected TLSv1 128 bits >>> DHE-RSA-AES128-SHA Rejected TLSv1 128 bits >>> DHE-DSS-AES128-SHA Rejected TLSv1 128 bits DHE-RSA-SEED-SHA >>> Rejected TLSv1 128 bits DHE-DSS-SEED-SHA Rejected TLSv1 >>> 128 bits DHE-RSA-CAMELLIA128-SHA Rejected TLSv1 128 bits >>> DHE-DSS-CAMELLIA128-SHA Rejected TLSv1 128 bits >>> AECDH-AES128-SHA Rejected TLSv1 128 bits >>> SRP-AES-128-CBC-SHA Failed TLSv1 128 bits >>> ADH-AES128-GCM-SHA256 Failed TLSv1 128 bits >>> ADH-AES128-SHA256 Rejected TLSv1 128 bits ADH-AES128-SHA >>> Rejected TLSv1 128 bits ADH-SEED-SHA Rejected TLSv1 128 >>> bits ADH-CAMELLIA128-SHA Failed TLSv1 128 bits >>> ECDH-RSA-AES128-GCM-SHA256 Failed TLSv1 128 bits >>> ECDH-ECDSA-AES128-GCM-SHA256 Failed TLSv1 128 bits >>> ECDH-RSA-AES128-SHA256 Failed TLSv1 128 bits >>> ECDH-ECDSA-AES128-SHA256 Rejected TLSv1 128 bits >>> ECDH-RSA-AES128-SHA Rejected TLSv1 128 bits >>> ECDH-ECDSA-AES128-SHA Failed TLSv1 128 bits >>> AES128-GCM-SHA256 Failed TLSv1 128 bits AES128-SHA256 >>> Rejected TLSv1 128 bits AES128-SHA Rejected TLSv1 128 bits >>> SEED-SHA Rejected TLSv1 128 bits CAMELLIA128-SHA Failed >>> TLSv1 128 bits PSK-AES128-CBC-SHA Rejected TLSv1 128 bits >>> ECDHE-RSA-RC4-SHA Rejected TLSv1 128 bits >>> ECDHE-ECDSA-RC4-SHA Rejected TLSv1 128 bits AECDH-RC4-SHA >>> Rejected TLSv1 128 bits ADH-RC4-MD5 Rejected TLSv1 128 bits >>> ECDH-RSA-RC4-SHA Rejected TLSv1 128 bits ECDH-ECDSA-RC4-SHA >>> Rejected TLSv1 128 bits RC4-SHA Rejected TLSv1 128 bits >>> RC4-MD5 Failed TLSv1 128 bits PSK-RC4-SHA Rejected TLSv1 >>> 56 bits EDH-RSA-DES-CBC-SHA Rejected TLSv1 56 bits >>> EDH-DSS-DES-CBC-SHA Rejected TLSv1 56 bits ADH-DES-CBC-SHA >>> Rejected TLSv1 56 bits DES-CBC-SHA Rejected TLSv1 40 bits >>> EXP-EDH-RSA-DES-CBC-SHA Rejected TLSv1 40 bits >>> EXP-EDH-DSS-DES-CBC-SHA Rejected TLSv1 40 bits >>> EXP-ADH-DES-CBC-SHA Rejected TLSv1 40 bits EXP-DES-CBC-SHA >>> Rejected TLSv1 40 bits EXP-RC2-CBC-MD5 Rejected TLSv1 40 >>> bits EXP-ADH-RC4-MD5 Rejected TLSv1 40 bits EXP-RC4-MD5 >>> Rejected TLSv1 0 bits ECDHE-RSA-NULL-SHA Rejected TLSv1 0 >>> bits ECDHE-ECDSA-NULL-SHA Rejected TLSv1 0 bits >>> AECDH-NULL-SHA Rejected TLSv1 0 bits ECDH-RSA-NULL-SHA >>> Rejected TLSv1 0 bits ECDH-ECDSA-NULL-SHA Failed TLSv1 >>> 0 bits NULL-SHA256 Rejected TLSv1 0 bits NULL-SHA >>> Rejected TLSv1 0 bits NULL-MD5 >>> >>> The cipher appears to be supported by both client (OpenSSL >>> s_client) and server (Also using the same version of OpenSSL) >>> but the handshake cannot complete. >>> >>> Let's try another cipher. How about one that worked before: >>> DHE-RSA-AES256-SHA >>> >>> >>> <Connector port="8218" >>> protocol="org.apache.coyote.http11.Http11AprProtocol" >>> SSLEnabled="true" secure="true" scheme="https" >>> SSLCipherSuite="DHE-RSA-AES256-SHA" >>> SSLCertificateKeyFile="[...]" SSLCertificateFile="[...]" >>> SSLCertificateChainFile="[...]" SSLProtocol="TLSv1" >>> executor="tomcatThreadPool" URIEncoding="UTF-8" /> >>> >>> $ openssl c_client -connect myhost:8218 [...] SSL-Session: >>> Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA [...] >>> >>> Works. Firefox 26 also works. >>> >>> There must be some kind of problem with configuring >>> ECDHE-ECDSA-AES128-SHA256 specifically. Try another cipher? >> >> Oh, I also tried this: >> >> <Connector port="8218" >> protocol="org.apache.coyote.http11.Http11AprProtocol" >> SSLEnabled="true" secure="true" scheme="https" >> SSLCertificateKeyFile="[...]" SSLCertificateFile="[...]" >> SSLCertificateChainFile="[...]" SSLProtocol="TLSv1" >> executor="tomcatThreadPool" URIEncoding="UTF-8" /> >> >> $ openssl s_client -connect myhost:8218 -cipher >> ECDHE-ECDSA-AES128-SHA256 CONNECTED(00000003) >> 140418231797416:error:14077410:SSL >> routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake >> failure:s23_clnt.c:741: >> >> (Try some other cipher) $ openssl s_client -connect myhost:8218 >> -cipher DHE-RSA-AES256-SHA >> >> [...] SSL-Session: Protocol : TLSv1 Cipher : >> DHE-RSA-AES256-SHA [...] >> >> $ sslscan myhost:8218 | grep ECDHE-ECDSA Failed SSLv3 256 >> bits ECDHE-ECDSA-AES256-GCM-SHA384 Failed SSLv3 256 bits >> ECDHE-ECDSA-AES256-SHA384 Rejected SSLv3 256 bits >> ECDHE-ECDSA-AES256-SHA Rejected SSLv3 168 bits >> ECDHE-ECDSA-DES-CBC3-SHA Failed SSLv3 128 bits >> ECDHE-ECDSA-AES128-GCM-SHA256 Failed SSLv3 128 bits >> ECDHE-ECDSA-AES128-SHA256 Rejected SSLv3 128 bits >> ECDHE-ECDSA-AES128-SHA Rejected SSLv3 128 bits >> ECDHE-ECDSA-RC4-SHA Rejected SSLv3 0 bits >> ECDHE-ECDSA-NULL-SHA Failed TLSv1 256 bits >> ECDHE-ECDSA-AES256-GCM-SHA384 Failed TLSv1 256 bits >> ECDHE-ECDSA-AES256-SHA384 Rejected TLSv1 256 bits >> ECDHE-ECDSA-AES256-SHA Rejected TLSv1 168 bits >> ECDHE-ECDSA-DES-CBC3-SHA Failed TLSv1 128 bits >> ECDHE-ECDSA-AES128-GCM-SHA256 Failed TLSv1 128 bits >> ECDHE-ECDSA-AES128-SHA256 Rejected TLSv1 128 bits >> ECDHE-ECDSA-AES128-SHA Rejected TLSv1 128 bits >> ECDHE-ECDSA-RC4-SHA Rejected TLSv1 0 bits >> ECDHE-ECDSA-NULL-SHA >> >> It looks like there is something wrong with the ECDHE-ECDSA >> suites. If anything, this is an OpenSSL problem and not a Tomcat >> one: Tomcat doesn't do anything with the crypto, here. >> >> - -chris > > Did you make an ECDSA cert? > > . . . . still in RFP response mode, so only 1/2 cent here ECDHE is Elliptic curve Diffie–Hellman Exchange, which is just DHE with elliptic curve. Note that I was able to use other (non-EC) DHE ciphers. AFAIK, the only choice you have when creating an SSL/TLS certificate is whether to create an RSA or DSA key. The problem is more likely that the "ECDSA" part of the algorithm won't work without a DSA key. Thanks for pointing that out. On the other hand, it appears that no ECDHE ciphers are working: $ sslscan myhost:8218 | grep ECDHE Failed SSLv3 256 bits ECDHE-RSA-AES256-GCM-SHA384 Failed SSLv3 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Failed SSLv3 256 bits ECDHE-RSA-AES256-SHA384 Failed SSLv3 256 bits ECDHE-ECDSA-AES256-SHA384 Rejected SSLv3 256 bits ECDHE-RSA-AES256-SHA Rejected SSLv3 256 bits ECDHE-ECDSA-AES256-SHA Rejected SSLv3 168 bits ECDHE-RSA-DES-CBC3-SHA Rejected SSLv3 168 bits ECDHE-ECDSA-DES-CBC3-SHA Failed SSLv3 128 bits ECDHE-RSA-AES128-GCM-SHA256 Failed SSLv3 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Failed SSLv3 128 bits ECDHE-RSA-AES128-SHA256 Failed SSLv3 128 bits ECDHE-ECDSA-AES128-SHA256 Rejected SSLv3 128 bits ECDHE-RSA-AES128-SHA Rejected SSLv3 128 bits ECDHE-ECDSA-AES128-SHA Rejected SSLv3 128 bits ECDHE-RSA-RC4-SHA Rejected SSLv3 128 bits ECDHE-ECDSA-RC4-SHA Rejected SSLv3 0 bits ECDHE-RSA-NULL-SHA Rejected SSLv3 0 bits ECDHE-ECDSA-NULL-SHA Failed TLSv1 256 bits ECDHE-RSA-AES256-GCM-SHA384 Failed TLSv1 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Failed TLSv1 256 bits ECDHE-RSA-AES256-SHA384 Failed TLSv1 256 bits ECDHE-ECDSA-AES256-SHA384 Rejected TLSv1 256 bits ECDHE-RSA-AES256-SHA Rejected TLSv1 256 bits ECDHE-ECDSA-AES256-SHA Rejected TLSv1 168 bits ECDHE-RSA-DES-CBC3-SHA Rejected TLSv1 168 bits ECDHE-ECDSA-DES-CBC3-SHA Failed TLSv1 128 bits ECDHE-RSA-AES128-GCM-SHA256 Failed TLSv1 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Failed TLSv1 128 bits ECDHE-RSA-AES128-SHA256 Failed TLSv1 128 bits ECDHE-ECDSA-AES128-SHA256 Rejected TLSv1 128 bits ECDHE-RSA-AES128-SHA Rejected TLSv1 128 bits ECDHE-ECDSA-AES128-SHA Rejected TLSv1 128 bits ECDHE-RSA-RC4-SHA Rejected TLSv1 128 bits ECDHE-ECDSA-RC4-SHA Rejected TLSv1 0 bits ECDHE-RSA-NULL-SHA Rejected TLSv1 0 bits ECDHE-ECDSA-NULL-SHA OpenSSL does have a few new tricks since the EC stuff was added, though: $ openssl --help [...] dhparam ecparam ec gendh genpkey pkeyparam [...] It looks like these algorithms probably *do* require a different flavor of key, and not just a standard RSA key like most folks are used to (and even if the algorithm contains "RSA" and not "DSA", among other things). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSyK8XAAoJEBzwKT+lPKRYcTIP/3fxN7Ctf+ROs2hbvXgmQT5P xE2VIFXP8wIAhiSogDmMKipx5T7zR06JzwutB/5a/0rZ2n+nMy5bVmkgA9K1ZiDH n4Ccfr8zpanTSt51GhXg5rLwg2LAB3KrnL2Dyb8sI0g2QEmoh0XgFTbGwcBeuin3 2ZAXC/y5QhKoUBk7Iv66AoQ7YTV8kJJpwIjBY4Mhbd9sZTRh7YWKtAwbXEkuveqz 5M3rv/H4aDS4FE6zgZ2fgUy4qAnoyr+1wjC1vWIdPe7BEe4tlDoI/tx95H7ggjvr Gy5FomHSoHvV2EkjzWJdiD/g5HW43AjpkpCLwLjlDnufLFgZtRbrVXMX8QxHjL2G V5F6cb/+ZUXGoUgyBiFsG1QkJELcKP7BLBu2ew3BBiW8ybrFPulIQet97EZ0nE4/ aTJxx7AnjMjuHlYHGu3q2xz983SViulYtJ1iShbpYESePQfnA77aEqmP9nytD6Dg gqgudz7ecy1x5nGkYj8VT4/6Tkc6t8kGIQGWoQbJoEt4cQWfQVOZP+lFKtXkGwxL 7b0ykx6b+x/pvEHPttYTMzRbYMnQ5mInhT6266jPPQThcLOXwjn16PD9UQkslFp9 nxbpoj5o7S86qfB/XONL+E9WgWfpWmgkLKMQ06pYeZLo0L47RERg20eSLhNYRUTu VRRJySduvE3hWnCj5IZp =Jak9 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org