[openssl-users] Problem in connecting to Java (Tomcat) server with ECDHE ciphers
noloader at gmail.com
Sun Jun 4 06:29:52 UTC 2017
On Sun, Jun 4, 2017 at 1:01 AM, Pravesh Rai <pravesh.rai at gmail.com> wrote:
> Even though I've disabled SSLvX protocols on both - client (openssl-1.0.2k)
> & server (Java 1.8 with Tomcat), still getting following handshake error,
> while executing:
> "openssl s_client -connect a.b.c.d:<port> -msg -debug -cipher
GCM mode is a TLS 1.2 cipher. It looks like Java 8 enables it by
default; cf. https://blogs.oracle.com/java-platform-group/jdk-8-will-use-tls-12-as-default.
Maybe something like:
openssl s_client -connect www.example.com:443 -tls1_2 -servername
The command uses SNI and TLS 1.2, which is pretty much standard
If that does not do it, then maybe you can use SSLscan to identify the
protocols and cipher suites the server supports.
More information about the openssl-users