It looks to me that Chromium does not support the strongest ciphers. The strongest/highest cipher available is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 No support for SHA384 and no AES_256_GCM
https://www.ssllabs.com/ssltest/viewMyClient.html Cipher Suites (in order of preference)TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b) Forward Secrecy128TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) Forward Secrecy128TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) Forward Secrecy128TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) Forward Secrecy256TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) Forward Secrecy128TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) Forward Secrecy128TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) Forward Secrecy256TLS_ECDHE_ECDSA_WITH_RC4_128_SHA (0xc007) Forward Secrecy128TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011) Forward Secrecy128TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) Forward Secrecy128TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x32) Forward Secrecy*128TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) Forward Secrecy256TLS_RSA_WITH_AES_128_GCM_SHA256 (0x9c)128TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)128TLS_RSA_WITH_AES_256_CBC_SHA (0x35)256TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)112TLS_RSA_WITH_RC4_128_SHA (0x5)128TLS_RSA_WITH_RC4_128_MD5 (0x4)128(*) Cannot be used for Forward Secrecy because they require DSS keys, which are effectively limited to 1024 bits. 2014-05-21 21:24 GMT+02:00 Sverre Moe <sverre....@gmail.com>: > Setting only these ciphers in the JSSE connector: > > TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 > > I wrote a small Java program that makes a HttpsConnection. With it I have > no problem making a connection and getting these ciphers. So how come it > doesn't work in any browser? As far as I could see Chromium should have > support for AES256-GCM. > > main, WRITE: TLSv1.2 Change Cipher Spec, length = 1 > *** Finished > verify_data: { 167, 191, 12, 139, 75, 162, 8, 69, 1, 129, 65, 129 } > *** > main, WRITE: TLSv1.2 Handshake, length = 96 > main, READ: TLSv1.2 Change Cipher Spec, length = 1 > main, READ: TLSv1.2 Handshake, length = 96 > *** Finished > verify_data: { 4, 236, 148, 186, 214, 130, 187, 88, 249, 51, 183, 102 } > *** > %% Cached client session: [Session-1, > TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] > main, WRITE: TLSv1.2 Application Data, length = 224 > main, READ: TLSv1.2 Application Data, length = 11472 > > > If I also add the following ciphers: > > TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 > Then my little Java program uses only these and not the GCM ciphers. > > > > 2014-05-21 12:21 GMT+02:00 Sverre Moe <sverre....@gmail.com>: > > I installed Tomcat-7 7.0.42 in OpenSUSE 13.1, configured support for >> TLSv1.2. I then configured a list of strong ciphers only, that I wanted to >> use. >> >> <Connector port="8443" >> protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" >> clientAuth="false" SSLEnabled="true" scheme="https" secure="true" >> sslProtocol="TLSv1.2" sslEnabledProtocols="TLSv1.2" keyAlias="tomcat" >> keystoreFile="/usr/share/tomcat/.keystore" keystorePass="**********" >> keystoreType="JKS" >> ciphers="TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA265,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256" >> /> >> >> I have tried running Tomcat with Java 7 and Java 8. Both of these should >> support CBC_SHA256 and CBC_SHA384, but only Java 8 supports GCM_SHA384. >> I have downloaded the Java cryptographic extensions policy files for both >> Java 7 and Java 8. >> >> The only way I get a connection is when I add the following ciphers: >> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA >> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA >> >> According to the specification all these ciphers are correct names: >> >> http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#ciphersuites >> >> According to the implementation in JSSE provider they are implemented as >> well to work with TLSv1.2 >> >> http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider >> Footnote 1(Java7) Cipher suites with SHA384 and SHA256 are available only >> for TLS 1.2 or later. >> >> >> Also how come SSLLabs SSLTest tells me I do not have forward secrecy and >> are using RC4 ciphers. Thought when I set a limited list of ciphers only >> those can be used. >> >> I tried to edit /usr/sbin/tomcat-sysd (which is started by service >> tomcat) to enable SSL debugging, but nothing shows up in the log files >> exec ${JAVACMD} $JAVA_OPTS $CATALINA_OPTS \ >> -classpath "$CLASSPATH" \ >> -Dcatalina.base="$CATALINA_BASE" \ >> -Dcatalina.home="$CATALINA_HOME" \ >> -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \ >> -Djava.io.tmpdir="$CATALINA_TMPDIR" ${DSECURITY_MANAGER} \ >> >> -Djava.util.logging.config.file="${CATALINA_BASE}/conf/logging.properties" \ >> >> -Djava.util.logging.manager="org.apache.juli.ClassLoaderLogManager" \ >> -Djavax.net.debug=ssl \ >> org.apache.catalina.startup.Bootstrap start >> >> >
