The latest commit in master reverses the TurboVNC Server's search order for OpenSSL DSOs, so it should now pull the DSO from the newest installed version of OpenSSL rather than the oldest. That means you shouldn't need to move OpenSSL 0.9.8e out of the way anymore.
As far as why Java isn't picking up the newer algorithms, that appears to be because you are using the 3.0 alpha build of the TurboVNC Viewer. Please use the 2.2.x stable build. The embedded JRE in 3.0 alpha isn't providing those ciphers for some reason, and I need to look into why (it may simply be that I didn't include the necessary module when building the JRE), but I just tested the 2.2.x build (with OpenJDK 1.8.0), and it works fine. On 7/17/19 3:56 PM, Andy wrote: > Hey so you were right. > > Apparently I had a ilbssl.so.0.9.8e.so floating around. > > So I moved all of the stuff relating to that out of the directory and > now I get the ECDHE ciphers that i was looking for on the server side. > > Do you know how I would go about adding them to JAVA and the client side? > From the vncviewer script the only ciphers I have available are : > > CSecurityTLS: Available cipher suites: TLS_AES_128_GCM_SHA256, > TLS_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, > TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, > TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, > TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, > TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, > TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, > TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, > TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, > TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, > TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, > TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, > TLS_DH_anon_WITH_AES_256_GCM_SHA384, > TLS_DH_anon_WITH_AES_128_GCM_SHA256, > TLS_DH_anon_WITH_AES_256_CBC_SHA256, TLS_DH_anon_WITH_AES_256_CBC_SHA, > TLS_DH_anon_WITH_AES_128_CBC_SHA256, TLS_DH_anon_WITH_AES_128_CBC_SHA > > - It's missing the TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 cipher that > I'm looking for > > Thanks again for the help! > > On Wednesday, July 17, 2019 at 5:20:47 AM UTC-4, Andy wrote: > > Hey sorry, yeah let me do some digging when I get back to my dev > box and I'll let you know. Thanks again for all the help! > > -- > You received this message because you are subscribed to the Google > Groups "TurboVNC User Discussion/Support" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to [email protected] > <mailto:[email protected]>. > To view this discussion on the web visit > https://groups.google.com/d/msgid/turbovnc-users/9cd4cde5-a186-4980-9d5e-e36bd538a643%40googlegroups.com > <https://groups.google.com/d/msgid/turbovnc-users/9cd4cde5-a186-4980-9d5e-e36bd538a643%40googlegroups.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "TurboVNC User Discussion/Support" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/turbovnc-users/92cadba9-1b5c-1679-3a19-c683cad6a609%40virtualgl.org. For more options, visit https://groups.google.com/d/optout.
