Steve,
On 10/26/20 13:02, Steve Sanders wrote:
We ran into similar issues when upgrading to latest JDK 8 (and 11). We
found that the fix was to add the sun.security.ec.SunEC as a security
provider in java.security like so:
security.provider.9=sun.security.ec.SunEC
I'll have to try that. I can easily use my SSLTest tool[1] to test
various permutations.
After adding this we were able to continue using our current certificates
and communicate with services using the updated ciphers. Depending on the
version / flavor of JDK you're using you may also need to apply the
unlimited strength JCE policy patch found here:
https://www.oracle.com/java/technologies/javase-jce8-downloads.html
If you still need this, then you really need to upgrade your Java. Java
8 no longer requires application of a separate, "unlimited" policy file
since u162, released January 2018.
-chris
[1] https://github.com/ChristopherSchultz/ssltest
[2]
https://golb.hplar.ch/2017/10/JCE-policy-changes-in-Java-SE-8u151-and-8u152.html
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
