Details
-
Bug
-
Resolution: Done
-
Major
-
1.0.2.Final
-
None
-
- add HTTPS listener to Undertow subsytem, add corresponding security realm
- set enabled-cipher-suites="DEFAULT" for the listener
- try to do a handshake with HTTPS listener
-
Workaround Exists
-
Description
No cipher suites are available for handshake with HTTPS Undertow listener.
According to OpenSSL documentation [1], cipher suites corresponding with ALL:!COMPLEMENTOFDEFAULT:!eNULL cipher string should be available for handshake.
According to Elytron documentation [2], cipher suites corresponding with ALL:!aNULL:!eNULL cipher string should be available for handshake.
[1] https://www.openssl.org/docs/manmaster/apps/ciphers.html#CIPHER-STRINGS
[2] http://wildfly-security.github.io/wildfly-elytron/org/wildfly/security/ssl/CipherSuiteSelector.html#fromString-java.lang.String-
Attachments
Issue Links
- clones
-
JBEAP-2198 Undertow HTTPS listener offers no cipher suite for DEFAULT enabled-cipher-suites
- Closed