Re: ssl connection issues

Another avenue for debugging would be to get a free "real" certificate
from https://letsencrypt.org/ and check if that works.

That way you can see if it's something in your certificate creation
process that causes trouble.

//Alexander Kjäll

On 17. sep. 2018 11:56, Mark Rotteveel wrote:
> On 2018-09-17 11:23, Gabriele Bulfon wrote:
>> That may be a possibility, but given that I cannot upgrade at the
>> moment, how can I check this and maybe change the required cipher to
>> match?
>
> Debugging SSL problems is not really something I do regularly, but you
> may want to see if changing the settings in the java.security policy
> helps. Settings to try are:
>
> jdk.tls.disabledAlgorithms
> jdk.certpath.disabledAlgorithms
>
> For reference:
>
> Java 8 Update 31, disabled SSLv3:
> http://www.oracle.com/technetwork/java/javase/8u31-relnotes-2389094.html,
> Java 8 Update 51, disabled some cipher suites, and limitations for DH
> keys where added:
> http://www.oracle.com/technetwork/java/javase/8u51-relnotes-2587590.html,
> similar for Java 8 Update 60:
> http://www.oracle.com/technetwork/java/javase/8u60-relnotes-2620227.html
> Java 8 update 71 disabled MD5 hash validation of certificates
> Java 8 update 121 added restrictions on DSA keysize:
> http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html
> Java 8 Update 141 disabled SHA-1 hashes for the certificate chain:
> http://www.oracle.com/technetwork/java/javase/8u141-relnotes-3720385.html
> Java 8 update 161 added limitations for DH keys, made some changes to
> certificate validation and disabled a number of cipher suites:
> http://www.oracle.com/technetwork/java/javase/8u161-relnotes-4021379.html
> Java 8 update 171 disabled some ciphersuites:
> http://www.oracle.com/technetwork/java/javase/8u171-relnotes-4308888.html
>
> Mark
>