IdP 3.2 - ECDHE cipher

Cantor, Scott cantor.2 at
Fri Dec 4 11:56:20 EST 2015

On 12/4/15, 10:45 AM, "users on behalf of John Horne" <users-bounces at on behalf of john.horne at> wrote:

>We have IdP 3.2 with Jetty 9.3.6 running on a RHEL7 server. In the
>jetty log file at start up we see:
>13:51:00.985 - INFO [org.eclipse.jetty.util.ssl.SslContextFactory:1246]
>- No Cipher matching 'TLS_ECDHE.*' is supported
>I have installed the JCE Unlimited policy files, but for some reason
>the ECDHE ciphers do not seem to be recognized.

IIRC, those are supported on both 7 and 8, and I don't *think* the JCE files have anything to do with that. And I don't think Jetty really affects it either.

> If I run jetty with
>debug logging, it shows the cipher list and that does not have ECDHE in
>it. If I run 'openssl ciphers' though, ECDHE is present.

OpenSSL doesn't really pertain to this.

-- Scott

More information about the users mailing list