Forum Stats

  • 3,750,526 Users
  • 2,250,188 Discussions
  • 7,866,998 Comments

Discussions

jre1.8.0_241 handshake failure

Hello,

we trying to make an connection with a SAP Message Server through SAP Process Orchestration, but we get a handshake failure.

The following cipher suites are supported by the SAP Message Server:

TLSv1.2:

ciphers:

       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1)

       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1)

       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1)

       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1)

       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1)

The JRE sent the following ciphers while doing the client hello:

Cipher Suites (14 suites)

    Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)

    Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 (0xc07b)

    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)

    Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 (0x00c0)

    Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)

    Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 (0xc07a)

    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)

    Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 (0x00ba)

    Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)

    Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084)

    Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)

    Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041)

    Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)

    Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)

Is it possible to configure JRE to sent the TLS_ECDHE ciphers to the server?

I tried to disable the TLS_RSA ciphers with the setting jdk.tls.disabledAlgorithms in java.security, but JRE still sent the TLS_RSA ciphers to the server.

And i also played around with many other configurations like jdk.jar.disabledAlgorithms, jdk.tls.legacyAlgorithms and crypto.policy. But the JRE client still sending the TLS_RSA ciphers.

Hope you guys have a solution for this issue.

Best regards

Ka