RE: sslHostConfig and ciphers

[jonmcalexander]

So, this is giving out this errors:

javax.net.ssl|WARNING|01|main|2023-03-03 16:14:43.438 
UTC|SSLSocketImpl.java:1468|handling exception (
"throwable" : {
  java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(SocketInputStream.java:210)
        at java.net.SocketInputStream.read(SocketInputStream.java:141)
        at 
sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:475)
        at 
sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:469)
        at 
sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:159)
        at sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
        at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1320)
        at 
sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1233)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:417)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at 
org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
        at 
org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
        at 
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
        at 
org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
        at 
org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
        at 
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
        at 
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
        at 
org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
        at 
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
        at 
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
        at 
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
        at 
org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:87)
        at 
org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
        at 
org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
        at 
org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
        at 
org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
        at 
org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:334)
        at com.wellsfargo.b2binv.EDDApplication.run(EDDApplication.java:43)
        at 
org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:771)
        at 
org.springframework.boot.SpringApplication.callRunners(SpringApplication.java:755)
        at 
org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:175)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:155)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:97)
        at 
org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:174)
        at 
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5211)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1393)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1383)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at 
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
        at 
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:134)
        at 
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at 
org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1393)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1383)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at 
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
        at 
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:134)
        at 
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at 
org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:265)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.StandardService.startInternal(StandardService.java:430)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:347)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:478)}

)
javax.net.ssl|SEVERE|01|main|2023-03-03 16:14:43.440 
UTC|TransportContext.java:362|Fatal (UNEXPECTED_MESSAGE): 
java.net.SocketException: Connection reset (
"throwable" : {
  java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(SocketInputStream.java:210)
        at java.net.SocketInputStream.read(SocketInputStream.java:141)
        at 
sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:475)
        at 
sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:469)
        at 
sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:159)
        at sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
        at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1320)
        at 
sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1233)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:417)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at 
org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
        at 
org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
        at 
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
        at 
org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
        at 
org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
        at 
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
        at 
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
        at 
org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
        at 
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
        at 
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
        at 
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
        at 
org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:87)
        at 
org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
        at 
org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
        at 
org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
        at 
org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
        at 
org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:334)
        at com.wellsfargo.b2binv.EDDApplication.run(EDDApplication.java:43)
        at 
org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:771)
        at 
org.springframework.boot.SpringApplication.callRunners(SpringApplication.java:755)
        at 
org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:175)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:155)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:97)
        at 
org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:174)
        at 
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5211)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1393)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1383)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at 
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
        at 
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:134)
        at 
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at 
org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1393)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1383)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at 
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
        at 
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:134)
        at 
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at 
org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:265)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.StandardService.startInternal(StandardService.java:430)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:347)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:478)}

)
javax.net.ssl|FINE|01|main|2023-03-03 16:14:43.444 
UTC|SSLSocketOutputRecord.java:73|WRITE: TLS12 alert(unexpected_message), 
length = 2
javax.net.ssl|WARNING|01|main|2023-03-03 16:14:43.445 
UTC|TransportContext.java:409|Fatal: failed to send fatal alert 
UNEXPECTED_MESSAGE (
"throwable" : {
  java.net.SocketException: Broken pipe (Write failed)
        at java.net.SocketOutputStream.socketWrite0(Native Method)
        at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:111)
        at java.net.SocketOutputStream.write(SocketOutputStream.java:155)
        at 
sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:83)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:406)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:313)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
        at 
sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1496)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:427)
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at 
org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
        at 
org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
        at 
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
        at 
org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
        at 
org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
        at 
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
        at 
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
        at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
        at 
org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
        at 
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
        at 
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
        at 
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56)
        at 
org.springframework.http.client.HttpComponentsClientHttpRequest.executeInternal(HttpComponentsClientHttpRequest.java:87)
        at 
org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
        at 
org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
        at 
org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
        at 
org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
        at 
org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:334)
        at com.wellsfargo.b2binv.EDDApplication.run(EDDApplication.java:43)
        at 
org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:771)
        at 
org.springframework.boot.SpringApplication.callRunners(SpringApplication.java:755)
        at 
org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(SpringBootServletInitializer.java:175)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.createRootApplicationContext(SpringBootServletInitializer.java:155)
        at 
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onStartup(SpringBootServletInitializer.java:97)
        at 
org.springframework.web.SpringServletContainerInitializer.onStartup(SpringServletContainerInitializer.java:174)
        at 
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5211)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1393)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1383)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at 
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
        at 
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:134)
        at 
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at 
org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1393)
        at 
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1383)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at 
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
        at 
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:134)
        at 
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at 
org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:265)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.StandardService.startInternal(StandardService.java:430)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at 
org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:347)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:478)}

)

Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His

Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions

8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508

jonmcalexan...@wellsfargo.com
This message may contain confidential and/or privileged information. If you are 
not the addressee or authorized to receive this for the addressee, you must not 
use, copy, disclose, or take any action based on this message or any 
information herein. If you have received this message in error, please advise 
the sender immediately by reply e-mail and delete this message. Thank you for 
your cooperation.

> -----Original Message-----
> From: Mark Thomas <ma...@apache.org>
> Sent: Wednesday, March 8, 2023 2:38 AM
> To: users@tomcat.apache.org
> Subject: Re: sslHostConfig and ciphers
> 
> 
> 
> On 08/03/2023 07:45, l...@kreuser.name wrote:
> > Beware Jon,
> >
> >> Am 08.03.2023 um 07:56 schrieb jonmcalexan...@wellsfargo.com.invalid
> <jonmcalexan...@wellsfargo.com.INVALID>:
> >>
> >> Fwiw, this is happening in an outbound connection originated by a
> springboot app hosted in Tomcat. Any known issues with this and handshake
> issues?
> 
> What is happening? I have re-read the thread several times and can't find a
> description of what isn't working.
> 
> >>
> >
> > Then the tomcat sslHostConfig does not matter at all, only the one on the
> java options (or security config) "jdk.tls.client.cipherSuites".
> 
> That is likely the one to allok at although be aware limiting the TLS protocol
> versions will also limit the available cipher suites.
> 
> Mark
> 
> 
> >
> >
> > Peter
> >
> >
> >>
> >> Thanks,
> >>
> >>
> >> Sent with BlackBerry Work
> >>
> (https://urldefense.com/v3/__http://www.blackberry.com__;!!F9svGWnIa
> V
> >>
> PGSwU!rn8hAxbKChAQcZcGDky44IXsMGn4HVUmz1P2A_cfDFIjcAP9gMzHo
> MlwWIKKGs-
> >> i14GtS4JBpprpqxOcRTbK9A$ ) ________________________________
> >> From: jonmcalexan...@wellsfargo.com.INVALID
> >> Sent: Mar 4, 2023 3:08 AM
> >> To: users@tomcat.apache.org
> >> Subject: RE: sslHostConfig and ciphers
> >>
> >> Thank you!!!
> >>
> >>
> >> Thanks,
> >>
> >>
> >> Sent with BlackBerry Work
> >>
> (https://urldefense.com/v3/__http://www.blackberry.com__;!!F9svGWnIa
> V
> >> PGSwU!sOH_wTKBGJ6Btc-
> RekE10jWwQ85jkQkEltIWa0AaoIbooX5UMGSH88GoLuiVcjY
> >> RxEg9wZBM3INUA8zBXKbc56z70yYUpimTy-zbVbi6bbQ$ )
> >> ________________________________
> >> From: "Thomas Hoffmann (Speed4Trade GmbH)"
> >> <thomas.hoffm...@speed4trade.com.INVALID>
> >> Sent: Mar 4, 2023 1:22 AM
> >> To: Tomcat Users List <users@tomcat.apache.org>
> >> Subject: AW: sslHostConfig and ciphers
> >>
> >> Hello,
> >>
> >> this message originates from your used java. It's not from tomcat.
> >> Java doesn't know this cipher-suite or is disabled in java.security
> >>
> >> You can list the supported ciphers via some code lines like
> >>
> https://urldefense.com/v3/__https://stackoverflow.com/questions/93335
> >> 04/how-can-i-list-the-available-cipher-
> algorithms__;!!F9svGWnIaVPGSwU
> >> !ok1eVR9QoczE-D4sspGE5zZh3h7aTnNIrKfVfkKUC4CSWI-
> 99BHQNKZNO1VwWMhDzKjx
> >> pRQIsilgijmwV8_swl6-GicjRiAnIId8fctCkh9Xjg$
> >>
> >> Greetings, Thomas
> >>
> >>> -----Ursprüngliche Nachricht-----
> >>> Von: jonmcalexan...@wellsfargo.com.INVALID
> >>> <jonmcalexan...@wellsfargo.com.INVALID>
> >>> Gesendet: Freitag, 3. März 2023 18:38
> >>> An: users@tomcat.apache.org
> >>> Betreff: sslHostConfig and ciphers
> >>>
> >>> Ok, I don't know if I'm doing something wrong, or if I'm just not
> >>> reading the output correctly.
> >>>
> >>> I have JSSE connector using sslHostConfig and in there I have
> >>> defined ciphers, as below:
> >>>
> >>> <Connector port="8453"
> >>> protocol="org.apache.coyote.http11.Http11NioProtocol"
> >>> maxThreads="150"
> >>> maxHttpHeaderSize="16384"
> >>> compression="on"
> >>> scheme="https"
> >>> SSLEnabled="true"
> >>> secure="true"
> >>> defaultSSLHostConfigName="test.test">
> >>> <SSLHostConfig
> >>> hostName="test.test"
> >>> protocols="TLSv1.2"
> >>>
> ciphers="TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WI
> TH
> >>>
> _AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
> ,
> >>>
> TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256
> _C
> >>>
> CM,TLS_ECDHE_ECDSA_WITH_AES_256_CCM,TLS_DHE_RSA_WITH_AES_256
> _
> >>> CCM_8,
> >>>
> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,TLS_DHE_RSA_WITH_AES_128_
> G
> >>> CM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
> >>>
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES
> _1
> >>> 28_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_CCM,
> >>>
> TLS_ECDHE_ECDSA_WITH_AES_128_CCM,TLS_DHE_RSA_WITH_AES_128_CC
> M
> >>> _8,TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
> >>>
> TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH
> _
> >>> CHACHA20_POLY1305_SHA256,
> >>> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
> >>> <Certificate
> >>> certificateKeystoreFile="<path to certificate keystore (JKS)>"
> >>> certificateKeystorePassword ="${keystore.pass}"
> >>> certificateKeyPassword="${keystore.pass}"
> >>> certificateKeyAlias="<ALIAS>"
> >>> />
> >>> </SSLHostConfig>
> >>> </Connector>
> >>>
> >>> However, if I enable ssl debugging, I am getting the following
> >>> messages in my catalina.out file.
> >>>
> >>> 03-Mar-2023 16:43:22.120 INFO [main]
> >>> org.apache.coyote.AbstractProtocol.init
> >>> Initializing ProtocolHandler ["https-jsse-nio-9443"]
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.146
> >>> UTC|SSLContextImpl.java:425|System property
> >>> UTC|jdk.tls.client.cipherSuites is set
> >>> to 'null'
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.150
> >>> UTC|SSLContextImpl.java:425|System property
> >>> UTC|jdk.tls.server.cipherSuites is set
> >>> to 'null'
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.161
> >>> UTC|SSLCipher.java:438|jdk.tls.keyLimits:  entry = AES/GCM/NoPadding
> >>> KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.201
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.201
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.202
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.202
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.202
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.202
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.203
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.212
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.212
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.213
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.213
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.213
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.213
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.214
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.221
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_DH_anon_WITH_AES_256_GCM_SHA384
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.221
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_DH_anon_WITH_AES_256_GCM_SHA384
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.221
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_DH_anon_WITH_AES_128_GCM_SHA256
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.222
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_DH_anon_WITH_AES_128_GCM_SHA256
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.222
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_DH_anon_WITH_AES_256_CBC_SHA256
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.222
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_DH_anon_WITH_AES_256_CBC_SHA256
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.222
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_anon_WITH_AES_256_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.223
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_anon_WITH_AES_256_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.223
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_DH_anon_WITH_AES_256_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.223
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_DH_anon_WITH_AES_256_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.223
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_DH_anon_WITH_AES_128_CBC_SHA256
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.224
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_DH_anon_WITH_AES_128_CBC_SHA256
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.224
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_anon_WITH_AES_128_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.224
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_anon_WITH_AES_128_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.224
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_DH_anon_WITH_AES_128_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.225
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_DH_anon_WITH_AES_128_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.228
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.228
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.229
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.229
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.229
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.229
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.230
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_RSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.230
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_RSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.230
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.230
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.230
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.231
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.231
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_RSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.231
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_RSA_WITH_RC4_128_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.231
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_RC4_128_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.231
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_RC4_128_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.232
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_anon_WITH_RC4_128_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.237
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_anon_WITH_RC4_128_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.237
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DH_anon_WITH_RC4_128_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.238
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DH_anon_WITH_RC4_128_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.238
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_DES_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.238
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_DES_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.238
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_RSA_WITH_DES_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.238
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_RSA_WITH_DES_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.239
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_DSS_WITH_DES_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.239
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_DSS_WITH_DES_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.239
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DH_anon_WITH_DES_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.239
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DH_anon_WITH_DES_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.239
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.240
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.240
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.240
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.240
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.241
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.241
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.241
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.241
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_EXPORT_WITH_RC4_40_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.241
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_EXPORT_WITH_RC4_40_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.242
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.257
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.258
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_RSA_WITH_NULL_SHA256
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.258
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_RSA_WITH_NULL_SHA256
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.258
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_NULL_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.258
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_NULL_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.258
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_RSA_WITH_NULL_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.259
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_RSA_WITH_NULL_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.259
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_NULL_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.259
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_NULL_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.259
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_NULL_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.259
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_NULL_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.260
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_RSA_WITH_NULL_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.260
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_RSA_WITH_NULL_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.260
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_anon_WITH_NULL_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.260
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_anon_WITH_NULL_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.260
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_NULL_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.261
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_NULL_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.262
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.270
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.270
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_WITH_3DES_EDE_CBC_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.270
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_WITH_3DES_EDE_CBC_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.270
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_WITH_RC4_128_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.270
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_WITH_RC4_128_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.271
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_WITH_RC4_128_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.271
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_WITH_RC4_128_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.271
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_WITH_DES_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.271
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_WITH_DES_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.271
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_WITH_DES_CBC_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.272
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_WITH_DES_CBC_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.272
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.272
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.272
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.272
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.273
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_EXPORT_WITH_RC4_40_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.273
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_EXPORT_WITH_RC4_40_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.273
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_KRB5_EXPORT_WITH_RC4_40_MD5
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.287
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_KRB5_EXPORT_WITH_RC4_40_MD5
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.291
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.292
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.292
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.292
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.292
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.292
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.292
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.293
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.293
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.293
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.293
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.293
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.294
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.294
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.294
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_AES_256_GCM_SHA384
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.294
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_AES_128_GCM_SHA256
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.295
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.300
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.300
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.301
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.301
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.301
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.301
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.301
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.301
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.302
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.302
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.302
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.302
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.302
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.303
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.303
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.303
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.303
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.303
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.304
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.304
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.304
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.304
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.304
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.304
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.305
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.305
> >>> UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
> >>> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> >>> javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.305
> >>> UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
> >>> SSL_RSA_WITH_3DES_EDE_CBC_SHA
> >>>
> >>> Have I configured something incorrectly?
> >>>
> >>> Thank you,
> >>>
> >>> Dream * Excel * Explore * Inspire
> >>> Jon McAlexander
> >>> Senior Infrastructure Engineer
> >>> Asst. Vice President
> >>> He/His
> >>>
> >>> Middleware Product Engineering
> >>> Enterprise CIO | EAS | Middleware | Infrastructure Solutions
> >>>
> >>> 8080 Cobblestone Rd | Urbandale, IA 50322
> >>> MAC: F4469-010
> >>> Tel 515-988-2508 | Cell 515-988-2508
> >>>
> >>>
> jonmcalexan...@wellsfargo.com<mailto:jonmcalexan...@wellsfargo.com>
> >>> This message may contain confidential and/or privileged information.
> >>> If you are not the addressee or authorized to receive this for the
> >>> addressee, you must not use, copy, disclose, or take any action
> >>> based on this message or any information herein. If you have
> >>> received this message in error, please advise the sender immediately
> >>> by reply e-mail and delete this message. Thank you for your
> cooperation.
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> >> For additional commands, e-mail: users-h...@tomcat.apache.org
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> > For additional commands, e-mail: users-h...@tomcat.apache.org
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org