Am Freitag, dem 11.03.2022 um 09:50 +0100 schrieb Torsten Krah:
> (error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)

Reading that message and looking at:

there it is written that with TLS 1.3:

Applications should use the SSL_CTX_set_ciphersuites() or 
SSL_set_ciphersuites() functions to configure TLSv1.3 ciphersuites. 

Seems tomcat is using *SSL_CTX_set_cipher_list* instead of
*SSL_CTX_set_ciphersuites* - maybe someone with knowledge here can
confirm that theory.


there is this:

SSL_CTX_set_cipher_list() sets the list of available ciphers (TLSv1.2
and below) for ctx using the control string str. The format of the
string is described in openssl-ciphers(1). The list of ciphers is
inherited by all ssl objects created from ctx. This function does not
impact TLSv1.3 ciphersuites. Use SSL_CTX_set_ciphersuites() to
configure those.

So it seems like a bug to me, right?

kind regards


To unsubscribe, e-mail:
For additional commands, e-mail:

Reply via email to