IdP 3.2 - ECDHE cipher
cantor.2 at osu.edu
Fri Dec 4 11:56:20 EST 2015
On 12/4/15, 10:45 AM, "users on behalf of John Horne" <users-bounces at shibboleth.net on behalf of john.horne at plymouth.ac.uk> wrote:
>We have IdP 3.2 with Jetty 9.3.6 running on a RHEL7 server. In the
>jetty log file at start up we see:
>13:51:00.985 - INFO [org.eclipse.jetty.util.ssl.SslContextFactory:1246]
>- No Cipher matching 'TLS_ECDHE.*' is supported
>I have installed the JCE Unlimited policy files, but for some reason
>the ECDHE ciphers do not seem to be recognized.
IIRC, those are supported on both 7 and 8, and I don't *think* the JCE files have anything to do with that. And I don't think Jetty really affects it either.
> If I run jetty with
>debug logging, it shows the cipher list and that does not have ECDHE in
>it. If I run 'openssl ciphers' though, ECDHE is present.
OpenSSL doesn't really pertain to this.
More information about the users