IdP 3.2 - ECDHE cipher
John Horne
john.horne at plymouth.ac.uk
Fri Dec 4 16:43:45 EST 2015
On Fri, 2015-12-04 at 16:56 +0000, Cantor, Scott wrote:
> On 12/4/15, 10:45 AM, "users on behalf of John Horne" <users-bounces@
> shibboleth.net on behalf of john.horne at plymouth.ac.uk> wrote:
>
>
>
> > Hello,
> >
> > We have IdP 3.2 with Jetty 9.3.6 running on a RHEL7 server. In the
> > jetty log file at start up we see:
> >
> > 13:51:00.985 - INFO
> > [org.eclipse.jetty.util.ssl.SslContextFactory:1246]
> > - No Cipher matching 'TLS_ECDHE.*' is supported
> >
> > I have installed the JCE Unlimited policy files, but for some
> > reason the ECDHE ciphers do not seem to be recognized.
>
> IIRC, those are supported on both 7 and 8, and I don't *think* the
> JCE files have anything to do with that. And I don't think Jetty
> really affects it either.
>
I should have added that we are using openjdk 8. It seems, from what I
can gather and I didn't know this, that with openjdk the JCE unlimited
files are not required. I have now put the original openjdk jar files
back in place. I still get the same warning though.
John.
--
----------------------------------------------------
John Horne Tel: +44 (0)1752 587287
Plymouth University, UK
More information about the users
mailing list