On Wed, Jan 26, 2011 at 6:09 PM, John Hartnup <[email protected]> wrote: > If I don't specify a ciphersuite, according to the documentation, the server > should accept every ciphersuite available to Java. Yet it is the Java side > that is reporting "no matching ciphersuite", and sending the SSL alert in > response to the client hello.
That's correct, if no cipher suites are listed, all will be active. Make sure you do not have the attribute with an empty string, that will cause all cipher suites to be disabled. Also, you do not need to specify client-authentication="NONE" as that's the default value. On the client, does it make any difference to remove the use of -z cipher-ALL ? /niklas
