Re: ssl connection issues

On 2018-09-17 11:23, Gabriele Bulfon wrote:
> That may be a possibility, but given that I cannot upgrade at the
> moment, how can I check this and maybe change the required cipher to
> match?

Debugging SSL problems is not really something I do regularly, but you
may want to see if changing the settings in the java.security policy
helps. Settings to try are:

jdk.tls.disabledAlgorithms
jdk.certpath.disabledAlgorithms

For reference:

Java 8 Update 31, disabled SSLv3:
http://www.oracle.com/technetwork/java/javase/8u31-relnotes-2389094.html,
Java 8 Update 51, disabled some cipher suites, and limitations for DH
keys where added:
http://www.oracle.com/technetwork/java/javase/8u51-relnotes-2587590.html,
similar for Java 8 Update 60:
http://www.oracle.com/technetwork/java/javase/8u60-relnotes-2620227.html
Java 8 update 71 disabled MD5 hash validation of certificates
Java 8 update 121 added restrictions on DSA keysize:
http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html
Java 8 Update 141 disabled SHA-1 hashes for the certificate chain:
http://www.oracle.com/technetwork/java/javase/8u141-relnotes-3720385.html
Java 8 update 161 added limitations for DH keys, made some changes to
certificate validation and disabled a number of cipher suites:
http://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html
Java 8 update 171 disabled some ciphersuites:
http://www.oracle.com/technetwork/java/javase/8u171-relnotes-4308888.html

Mark