[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-users] Strange failure of SSL handshake after Jetty Upgrade.
|
Hi,
On Fri, Feb 17, 2023 at 3:38 PM Srijith Kochunni via jetty-users
<jetty-users@xxxxxxxxxxx> wrote:
[snip]
> javax.net.ssl|SEVERE|08 1C|qtp1363141203-2076|2023-02-07 12:35:40.763 EST|TransportContext.java:340|Fatal (HANDSHAKE_FAILURE): no cipher suites in common (
[snip]
> The problem seems similar to the issue seen in the case of https://github.com/eclipse/jetty.project/issues/7691 - However this was seen on Java 11.
> Also seems similar to the issue seen in https://github.com/eclipse/jetty.project/issues/6099, but in this it is marked as Fixed in 9.4.41 and we’re on 9.4.44. We tried to follow the workaround of setting sni required as true. But in our internal testing, after setting that, handshake was failing both over IP and FQDN.
> We’re working to see if we can dump on server start and collect more logs, but meanwhile if we can get any help here, it would be much appreciated.
> What we’re clear is that the Server Hello is not able to prove possession and therefore the handshake is failing. How it is related to Jetty version is what we’re trying to figure out.
A reminder that Jetty 9.4.x is at End of Community Support, see
https://github.com/eclipse/jetty.project/issues/7958.
You should upgrade to Jetty 10/11; try these and report back if you
still have failures.
--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
