Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jetty-users] SSL breakage in 9.3.7.v20160115?

My integration tests started failing when I upgraded to 9.3.7.v20160115 from 9.3.6.  SSL connections are failing. Turning debug logging on, the cause appears to be this:

javax.net.ssl.SSLHandshakeException: no cipher suites in common

My testing is using pretty generic (ruby) SSL access, default client settings.

Now some conjecture—looking through the available release notes:

485714 Update SSL configuration to mitigate SLOTH vulnerability

But the bugzilla issue sounds incomplete:
…and despite the claim that the change was reverted, this at least made it into the release:
Please advise? Thanks.

—David




Back to the top