I think it would also be helpful to post the parameters that I'm using to launch it too -
*Server* /opt/TurboVNC/bin/vncserver -SecurityTypes X509Vnc -x509cert /home/user/ca/certs/localhost.cert.pem -x509key /home/user/ca/certs/localhost.key.pem -rfbauth /home/user/ca/t.file *Viewer* /home/user/my_vnc_viewer -x509ca /home/user/ca/certs/CA.cert.pem -passwd /home/user/ca/t.file localhost:2 On Friday, July 12, 2019 at 11:03:33 AM UTC-4, Andy wrote: > > Hey so I have some strict requirements on what encryption ciphers we are > allowed to use. > > Basically I need it to use either TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 > or TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384. > > From the viewer side I'm able to restrict the ciphers available to it by > modifying the java argument inside of the vncviewer script: > and adding on the options > -Djava.security.properties=/opt/test/java.security.restictive > -Djavax.net.debug=ssl > > Now I get an SSL Handshake error when I try to connect - I think its > because Xvnc doesn't support the 2 ciphers that I'm trying to use. > > How would I go about enabling the two ciphers from the server (Xvnc) side? > I'd prefer to not have to recompile, but I'm not afraid to. > > > Thanks! > -- You received this message because you are subscribed to the Google Groups "TurboVNC User Discussion/Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/turbovnc-users/65995c7a-4564-459b-a6e6-74c738c4a470%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
my_vnc_viewer
Description: Binary data
