First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Difference in used cipher suites

Hi guys,

I’ve been wondering how applications determine which cipher suites they offer to the server. In particular I would like to know if there is a difference between Microsoft Edge browser and Java JRE because it looks like both offer a different set of cipher suites as a client. In my trace it looks like Edge is sending 43 cipher suites (one of them is matched by the server) whereas Java JRE only sends a set of 12 and being denied because there is no match with any of the cipher suites that the server supports.

So why this difference (IT doesn’t seem to have limited anything on the JRE side configuration) and how can I make Java JRE offer the correct (TLS1.2) cipher suites that my server will support?

I’d be happy to provide detailed information if that’s required.

Iamneilsm's avatar
1
Iamneilsm
asked 2021-09-12 20:41:33 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Ms Edge (and many other Windows applications) uses the SChannel TLS config data from the registry to determine which TLS versions and ciphers to be offered, see here.

Java uses property settings from <java home>/conf/security/java.security along with the defaults of the provider being used.

In both cases the ciphers offered by a client an be modified from the defaults by an individual application.

grahamb's avatar
23.8k
grahamb
answered 2021-09-13 07:50:46 +0000, updated 2021-09-13 07:51:22 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer