Hi,
I'm using Jetty 10.0.0 alpha1.
With my testing, it looks TLSv1 and TLSv1.1 are disabled in this version.
I used OpenSSL s_client to connect the Jetty server via TLS.
If specified TLSv1.2 or TLSv1.3, the handshaking finished successfully.
However, when TLSv1 or TLSv1.1 were specified, the handshaking failed.
But with the server dump, it looked the older TLS versions are enabled, as
shown as the below,
| += SslConnectionFactory@4e50c791{SSL->alpn} - STARTED
| | +=
Server@2826f61[provider=null,keyStore=file:///path/to/etc/keystore,trustStore=file:///path/to/etc/keystore]
- STARTED
| | +> trustAll=false
| | +> Protocol Selections
| | | +> Enabled size=4
| | | | +> TLSv1
| | | | +> TLSv1.1
| | | | +> TLSv1.2
| | | | +> TLSv1.3
| | | +> Disabled size=2
| | | +> SSLv2Hello - ConfigExcluded:'SSLv2Hello' JVM:disabled
| | | +> SSLv3 - ConfigExcluded:'SSLv3' JVM:disabled
What's something I missed?
I didn't meet this problem with Jetty 9.4.
Thanks!
_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://www.eclipse.org/mailman/listinfo/jetty-users
