Re: AW: sslHostConfig and ciphers

Christopher Schultz Wed, 08 Mar 2023 08:24:25 -0800

Thomas,

On 3/8/23 11:16, Thomas Hoffmann (Speed4Trade GmbH) wrote:

the error messages when encryption/decryption fails are often not much helpful.


I don't see any evience of encryption or decryption operations failing.

-chris

-----Ursprüngliche Nachricht-----
Von: jonmcalexan...@wellsfargo.com.INVALID
<jonmcalexan...@wellsfargo.com.INVALID>
Gesendet: Mittwoch, 8. März 2023 17:04
An: users@tomcat.apache.org
Betreff: RE: sslHostConfig and ciphers

So, this is giving out this errors:

javax.net.ssl|WARNING|01|main|2023-03-03 16:14:43.438
UTC|SSLSocketImpl.java:1468|handling exception ( "throwable" : {
   java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(SocketInputStream.java:210)
        at java.net.SocketInputStream.read(SocketInputStream.java:141)
        at
sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:475)
        at
sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:4
69)
        at
sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:159)
        at sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
        at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1320)
        at
sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1233)
        at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:417)
        at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSL
ConnectionSocketFactory.java:436)
        at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnec
tionSocketFactory.java:384)
        at
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(Defa
ultHttpClientConnectionOperator.java:142)
        at
org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(Pooli
ngHttpClientConnectionManager.java:376)
        at
org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec
.java:393)
        at
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:2
36)
        at
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
        at
org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
        at
org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
        at
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.jav
a:185)
        at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.ja
va:83)
        at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.ja
va:56)
        at
org.springframework.http.client.HttpComponentsClientHttpRequest.executeInte
rnal(HttpComponentsClientHttpRequest.java:87)
        at
org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInt
ernal(AbstractBufferingClientHttpRequest.java:48)
        at
org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractCli
entHttpRequest.java:66)
        at
org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:7
76)
        at
org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
        at
org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java
:334)
        at com.wellsfargo.b2binv.EDDApplication.run(EDDApplication.java:43)
        at
org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:
771)
        at
org.springframework.boot.SpringApplication.callRunners(SpringApplication.java
:755)
        at
org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(
SpringBootServletInitializer.java:175)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.crea
teRootApplicationContext(SpringBootServletInitializer.java:155)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onSt
artup(SpringBootServletInitializer.java:97)
        at
org.springframework.web.SpringServletContainerInitializer.onStartup(SpringSer
vletContainerInitializer.java:174)
        at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5
211)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:139
3)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:138
3)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorSer
vice.java:75)
        at
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.ja
va:134)
        at
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at
org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:139
3)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:138
3)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorSer
vice.java:75)
        at
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.ja
va:134)
        at
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at
org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:265
)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.StandardService.startInternal(StandardService.java:43
0)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930
)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
62)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
mpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:347)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:478)}

)
javax.net.ssl|SEVERE|01|main|2023-03-03 16:14:43.440
UTC|TransportContext.java:362|Fatal (UNEXPECTED_MESSAGE):
java.net.SocketException: Connection reset ( "throwable" : {
   java.net.SocketException: Connection reset
        at java.net.SocketInputStream.read(SocketInputStream.java:210)
        at java.net.SocketInputStream.read(SocketInputStream.java:141)
        at
sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:475)
        at
sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:4
69)
        at
sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:159)
        at sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
        at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1320)
        at
sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1233)
        at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:417)
        at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSL
ConnectionSocketFactory.java:436)
        at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnec
tionSocketFactory.java:384)
        at
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(Defa
ultHttpClientConnectionOperator.java:142)
        at
org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(Pooli
ngHttpClientConnectionManager.java:376)
        at
org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec
.java:393)
        at
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:2
36)
        at
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
        at
org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
        at
org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
        at
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.jav
a:185)
        at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.ja
va:83)
        at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.ja
va:56)
        at
org.springframework.http.client.HttpComponentsClientHttpRequest.executeInte
rnal(HttpComponentsClientHttpRequest.java:87)
        at
org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInt
ernal(AbstractBufferingClientHttpRequest.java:48)
        at
org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractCli
entHttpRequest.java:66)
        at
org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:7
76)
        at
org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
        at
org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java
:334)
        at com.wellsfargo.b2binv.EDDApplication.run(EDDApplication.java:43)
        at
org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:
771)
        at
org.springframework.boot.SpringApplication.callRunners(SpringApplication.java
:755)
        at
org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(
SpringBootServletInitializer.java:175)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.crea
teRootApplicationContext(SpringBootServletInitializer.java:155)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onSt
artup(SpringBootServletInitializer.java:97)
        at
org.springframework.web.SpringServletContainerInitializer.onStartup(SpringSer
vletContainerInitializer.java:174)
        at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5
211)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:139
3)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:138
3)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorSer
vice.java:75)
        at
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.ja
va:134)
        at
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at
org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:139
3)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:138
3)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorSer
vice.java:75)
        at
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.ja
va:134)
        at
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at
org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:265
)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.StandardService.startInternal(StandardService.java:43
0)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930
)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
62)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
mpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:347)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:478)}

)
javax.net.ssl|FINE|01|main|2023-03-03 16:14:43.444
UTC|SSLSocketOutputRecord.java:73|WRITE: TLS12
alert(unexpected_message), length = 2
javax.net.ssl|WARNING|01|main|2023-03-03 16:14:43.445
UTC|TransportContext.java:409|Fatal: failed to send fatal alert
UNEXPECTED_MESSAGE ( "throwable" : {
   java.net.SocketException: Broken pipe (Write failed)
        at java.net.SocketOutputStream.socketWrite0(Native Method)
        at
java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:111)
        at java.net.SocketOutputStream.write(SocketOutputStream.java:155)
        at
sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.ja
va:83)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:406)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:313)
        at sun.security.ssl.TransportContext.fatal(TransportContext.java:308)
        at
sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1496)
        at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:427)
        at
sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:389)
        at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSL
ConnectionSocketFactory.java:436)
        at
org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnec
tionSocketFactory.java:384)
        at
org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(Defa
ultHttpClientConnectionOperator.java:142)
        at
org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(Pooli
ngHttpClientConnectionManager.java:376)
        at
org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec
.java:393)
        at
org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:2
36)
        at
org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
        at
org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
        at
org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
        at
org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.jav
a:185)
        at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.ja
va:83)
        at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.ja
va:56)
        at
org.springframework.http.client.HttpComponentsClientHttpRequest.executeInte
rnal(HttpComponentsClientHttpRequest.java:87)
        at
org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInt
ernal(AbstractBufferingClientHttpRequest.java:48)
        at
org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractCli
entHttpRequest.java:66)
        at
org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:7
76)
        at
org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
        at
org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java
:334)
        at com.wellsfargo.b2binv.EDDApplication.run(EDDApplication.java:43)
        at
org.springframework.boot.SpringApplication.callRunner(SpringApplication.java:
771)
        at
org.springframework.boot.SpringApplication.callRunners(SpringApplication.java
:755)
        at
org.springframework.boot.SpringApplication.run(SpringApplication.java:315)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.run(
SpringBootServletInitializer.java:175)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.crea
teRootApplicationContext(SpringBootServletInitializer.java:155)
        at
org.springframework.boot.web.servlet.support.SpringBootServletInitializer.onSt
artup(SpringBootServletInitializer.java:97)
        at
org.springframework.web.SpringServletContainerInitializer.onStartup(SpringSer
vletContainerInitializer.java:174)
        at
org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5
211)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:139
3)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:138
3)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorSer
vice.java:75)
        at
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.ja
va:134)
        at
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at
org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:835)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:139
3)
        at
org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:138
3)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at
org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorSer
vice.java:75)
        at
java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.ja
va:134)
        at
org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:916)
        at
org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:265
)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.StandardService.startInternal(StandardService.java:43
0)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at
org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:930
)
        at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:772)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
62)
        at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
mpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:347)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:478)}

)

Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His

Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions

8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508

jonmcalexan...@wellsfargo.com
This message may contain confidential and/or privileged information. If you
are not the addressee or authorized to receive this for the addressee, you must
not use, copy, disclose, or take any action based on this message or any
information herein. If you have received this message in error, please advise
the sender immediately by reply e-mail and delete this message. Thank you for
your cooperation.

-----Original Message-----
From: Mark Thomas <ma...@apache.org>
Sent: Wednesday, March 8, 2023 2:38 AM
To: users@tomcat.apache.org
Subject: Re: sslHostConfig and ciphers



On 08/03/2023 07:45, l...@kreuser.name wrote:

Beware Jon,

Am 08.03.2023 um 07:56 schrieb
jonmcalexan...@wellsfargo.com.invalid

<jonmcalexan...@wellsfargo.com.INVALID>:


Fwiw, this is happening in an outbound connection originated by a

springboot app hosted in Tomcat. Any known issues with this and
handshake issues?

What is happening? I have re-read the thread several times and can't
find a description of what isn't working.


Then the tomcat sslHostConfig does not matter at all, only the one
on the

java options (or security config) "jdk.tls.client.cipherSuites".

That is likely the one to allok at although be aware limiting the TLS
protocol versions will also limit the available cipher suites.

Mark



Peter


Thanks,


Sent with BlackBerry Work

(https://urldefense.com/v3/__http://www.blackberry.com__;!!F9svGWnIa
V

PGSwU!rn8hAxbKChAQcZcGDky44IXsMGn4HVUmz1P2A_cfDFIjcAP9gMzHo
MlwWIKKGs-

i14GtS4JBpprpqxOcRTbK9A$ ) ________________________________
From: jonmcalexan...@wellsfargo.com.INVALID
Sent: Mar 4, 2023 3:08 AM
To: users@tomcat.apache.org
Subject: RE: sslHostConfig and ciphers

Thank you!!!


Thanks,


Sent with BlackBerry Work

(https://urldefense.com/v3/__http://www.blackberry.com__;!!F9svGWnIa
V

PGSwU!sOH_wTKBGJ6Btc-

RekE10jWwQ85jkQkEltIWa0AaoIbooX5UMGSH88GoLuiVcjY

RxEg9wZBM3INUA8zBXKbc56z70yYUpimTy-zbVbi6bbQ$ )
________________________________
From: "Thomas Hoffmann (Speed4Trade GmbH)"
<thomas.hoffm...@speed4trade.com.INVALID>
Sent: Mar 4, 2023 1:22 AM
To: Tomcat Users List <users@tomcat.apache.org>
Subject: AW: sslHostConfig and ciphers

Hello,

this message originates from your used java. It's not from tomcat.
Java doesn't know this cipher-suite or is disabled in java.security

You can list the supported ciphers via some code lines like

https://urldefense.com/v3/__https://stackoverflow.com/questions/93335

04/how-can-i-list-the-available-cipher-

algorithms__;!!F9svGWnIaVPGSwU

!ok1eVR9QoczE-D4sspGE5zZh3h7aTnNIrKfVfkKUC4CSWI-

99BHQNKZNO1VwWMhDzKjx

pRQIsilgijmwV8_swl6-GicjRiAnIId8fctCkh9Xjg$

Greetings, Thomas

-----Ursprüngliche Nachricht-----
Von: jonmcalexan...@wellsfargo.com.INVALID
<jonmcalexan...@wellsfargo.com.INVALID>
Gesendet: Freitag, 3. März 2023 18:38
An: users@tomcat.apache.org
Betreff: sslHostConfig and ciphers

Ok, I don't know if I'm doing something wrong, or if I'm just not
reading the output correctly.

I have JSSE connector using sslHostConfig and in there I have
defined ciphers, as below:

<Connector port="8453"
protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150"
maxHttpHeaderSize="16384"
compression="on"
scheme="https"
SSLEnabled="true"
secure="true"
defaultSSLHostConfigName="test.test">
<SSLHostConfig
hostName="test.test"
protocols="TLSv1.2"

ciphers="TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WI
TH

_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
,

TLS_DHE_DSS_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256
_C

CM,TLS_ECDHE_ECDSA_WITH_AES_256_CCM,TLS_DHE_RSA_WITH_AES_256
_

CCM_8,

TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8,TLS_DHE_RSA_WITH_AES_128_
G

CM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_DHE_DSS_WITH_AES
_1

28_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_CCM,

TLS_ECDHE_ECDSA_WITH_AES_128_CCM,TLS_DHE_RSA_WITH_AES_128_CC
M

_8,TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,

TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_ECDHE_RSA_WITH
_

CHACHA20_POLY1305_SHA256,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"
<Certificate
certificateKeystoreFile="<path to certificate keystore (JKS)>"
certificateKeystorePassword ="${keystore.pass}"
certificateKeyPassword="${keystore.pass}"
certificateKeyAlias="<ALIAS>"
/>
</SSLHostConfig>
</Connector>

However, if I enable ssl debugging, I am getting the following
messages in my catalina.out file.

03-Mar-2023 16:43:22.120 INFO [main]
org.apache.coyote.AbstractProtocol.init
Initializing ProtocolHandler ["https-jsse-nio-9443"]
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.146
UTC|SSLContextImpl.java:425|System property
UTC|jdk.tls.client.cipherSuites is set
to 'null'
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.150
UTC|SSLContextImpl.java:425|System property
UTC|jdk.tls.server.cipherSuites is set
to 'null'
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.161
UTC|SSLCipher.java:438|jdk.tls.keyLimits:  entry =
UTC|AES/GCM/NoPadding
KeyUpdate 2^37. AES/GCM/NOPADDING:KEYUPDATE = 137438953472
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.201
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.201
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.202
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.202
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.202
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.202
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.203
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.212
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.212
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.213
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.213
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.213
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.213
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.214
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.221
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_DH_anon_WITH_AES_256_GCM_SHA384
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.221
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_DH_anon_WITH_AES_256_GCM_SHA384
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.221
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_DH_anon_WITH_AES_128_GCM_SHA256
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.222
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_DH_anon_WITH_AES_128_GCM_SHA256
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.222
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_DH_anon_WITH_AES_256_CBC_SHA256
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.222
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_DH_anon_WITH_AES_256_CBC_SHA256
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.222
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.223
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_anon_WITH_AES_256_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.223
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_DH_anon_WITH_AES_256_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.223
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_DH_anon_WITH_AES_256_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.223
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_DH_anon_WITH_AES_128_CBC_SHA256
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.224
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_DH_anon_WITH_AES_128_CBC_SHA256
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.224
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.224
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_anon_WITH_AES_128_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.224
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_DH_anon_WITH_AES_128_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.225
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_DH_anon_WITH_AES_128_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.228
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.228
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.229
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.229
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.229
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.229
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.230
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.230
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.230
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.230
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_RC4_128_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.230
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_ECDSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.231
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_ECDSA_WITH_RC4_128_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.231
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_RSA_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.231
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_RSA_WITH_RC4_128_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.231
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_RC4_128_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.231
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_RC4_128_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.232
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_anon_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.237
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_anon_WITH_RC4_128_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.237
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DH_anon_WITH_RC4_128_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.238
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DH_anon_WITH_RC4_128_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.238
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.238
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_DES_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.238
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_RSA_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.238
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_RSA_WITH_DES_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.239
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_DSS_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.239
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_DSS_WITH_DES_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.239
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DH_anon_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.239
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DH_anon_WITH_DES_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.239
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.240
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.240
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.240
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.240
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.241
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.241
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.241
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.241
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.241
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.242
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.257
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.258
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_RSA_WITH_NULL_SHA256
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.258
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_RSA_WITH_NULL_SHA256
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.258
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_ECDSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.258
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_ECDSA_WITH_NULL_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.258
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_RSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.259
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_RSA_WITH_NULL_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.259
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.259
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_NULL_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.259
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_ECDSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.259
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_ECDSA_WITH_NULL_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.260
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_RSA_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.260
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_RSA_WITH_NULL_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.260
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_anon_WITH_NULL_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.260
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_anon_WITH_NULL_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.260
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_NULL_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.261
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_NULL_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.262
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.270
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.270
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_WITH_3DES_EDE_CBC_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.270
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_WITH_3DES_EDE_CBC_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.270
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_WITH_RC4_128_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.270
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_WITH_RC4_128_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.271
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_WITH_RC4_128_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.271
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_WITH_RC4_128_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.271
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_WITH_DES_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.271
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_WITH_DES_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.271
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_WITH_DES_CBC_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.272
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_WITH_DES_CBC_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.272
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.272
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.272
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.272
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.273
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_EXPORT_WITH_RC4_40_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.273
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_EXPORT_WITH_RC4_40_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.273
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_KRB5_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.287
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_KRB5_EXPORT_WITH_RC4_40_MD5
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.291
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.292
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.292
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.292
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.292
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.292
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.292
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.293
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.293
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.293
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.293
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.293
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.294
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.294
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.294
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_AES_256_GCM_SHA384
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.294
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_AES_128_GCM_SHA256
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.295
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.300
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.300
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.301
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.301
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.301
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.301
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.301
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.301
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.302
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.302
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.302
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.302
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.302
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.303
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.303
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.303
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.303
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.303
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.304
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.304
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.304
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.304
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.304
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.304
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.305
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|FINE|01|main|2023-03-03 16:43:22.305
UTC|SSLContextImpl.java:399|Ignore disabled cipher suite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA
javax.net.ssl|ALL|01|main|2023-03-03 16:43:22.305
UTC|SSLContextImpl.java:408|Ignore unsupported cipher suite:
SSL_RSA_WITH_3DES_EDE_CBC_SHA

Have I configured something incorrectly?

Thank you,

Dream * Excel * Explore * Inspire
Jon McAlexander
Senior Infrastructure Engineer
Asst. Vice President
He/His

Middleware Product Engineering
Enterprise CIO | EAS | Middleware | Infrastructure Solutions

8080 Cobblestone Rd | Urbandale, IA 50322
MAC: F4469-010
Tel 515-988-2508 | Cell 515-988-2508

jonmcalexan...@wellsfargo.com<mailto:jonmcalexan...@wellsfargo.com>

This message may contain confidential and/or privileged information.
If you are not the addressee or authorized to receive this for the
addressee, you must not use, copy, disclose, or take any action
based on this message or any information herein. If you have
received this message in error, please advise the sender
immediately by reply e-mail and delete this message. Thank you for
your

cooperation.



-------------------------------------------------------------------
-- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



--------------------------------------------------------------------
- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: AW: sslHostConfig and ciphers

Reply via email to