Open DhruvAShah opened 1 month ago
Jetty 9 is at End of Community Support, see #7958.
Please upgrade to Jetty 12 and a recent version of Java too.
Likely your problems will go away with a more modern version of Java.
Thanks @sbordet ! will sure consider your advice but do we have any answer to the same rather then option ti upgrade
@DhruvAShah no. Jetty 9 is at End of Community Support. If you want support for Jetty 9, then that is only available under a Support Contract.
The only version of Jetty that is community supported right now is Jetty 12.
When using SSL/TLS on Java on the public internet is is absolutely critical to stay up to date with the Java JVM.
That's because the Java JVM does most of the heavy lifting with SSL/TLS and the Java JVM is updated very regularly to address industry wide changes in crypto quite frequently.
See: https://www.java.com/en/jre-jdk-cryptoroadmap.html
Also note from that crypto roadmap ..
Thanks @joakime !! Can you atleast confirm that this version supports certificate signed with SHA-1 signature algorithms ?
@DhruvAShah read the JDK crypto roadmap - https://www.java.com/en/jre-jdk-cryptoroadmap.html Your questions are answered there.
Jetty version(s) jetty-9.4.48.v20220622
Jetty Environment NA
Java version/vendor
(use: java -version)
openjdk version "1.8.0_362" OpenJDK Runtime Environment (build 1.8.0_362-b09) OpenJDK 64-Bit Server VM (build 25.362-b09, mixed mode)OS type/version AlmaLinux release 8.6 (Sky Tiger)
Description We have below implementation on server side,
Current Behavior: Server communicates over ECDSA even when client prefers RSA as signature algorithm & Cipher as well
Expected Behavior: Server should communicate over RSA instead ECDSA
How to reproduce? Run the below command to reproduce the issue when server us configured for both ECDSA and RSA certificates for single domain, openssl s_client -connect ip:port -sigalgs RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ECDSA+SHA224:ed25519:ed448
Additional Comments :