mozilla / ssl-config-generator

Mozilla SSL Configuration Generator
https://ssl-config.mozilla.org/
Mozilla Public License 2.0

Fix Jetty `intermediate`/`old` configs for TLSv1.3-only clients #226

Closed janbrasna closed 1 month ago

janbrasna commented 10 months ago

Fixes #154

With any `output.ciphers` present, for TLSv1.3 to work the `output.cipherSuites` also have to be provided, so that TLSv1.3 handshakes do not fail (i.e. when `IncludeCipherSuites` is defined, the TLSv1.3-compatible suites as defined in RFC 8446 also have to be set explicitly, or TLSv1.3-only clients won't be able to connect).

Fixes intermediate and old configs.

_Support for `*_CHACHA20_POLY1305_*` was added in 11.0.13 (JDK-8140466), but since it was not addressed for TLSv12 suites before, I haven't added anything mentioning the JSSE support for TLSv13 either — if that errors out for someone running older revisions, feel free to open a separate issue for that; however, we're not comparing such versions in the logic here, so it may only warrant a config comment of sorts…_
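
The failure mode described in this pull request can be caught with a small lint. The following is an added example, not code from the pull request or the generator: it flags a configuration that enables TLSv1.3 while its cipher include list contains no RFC 8446 suite. The function names, the config object shape and the sample configs are assumptions made for illustration.

```javascript
// RFC 8446 (Appendix B.4) cipher suites; a TLSv1.3 handshake can only use these.
const TLS13_SUITES = [
  "TLS_AES_128_GCM_SHA256",
  "TLS_AES_256_GCM_SHA384",
  "TLS_CHACHA20_POLY1305_SHA256",
  "TLS_AES_128_CCM_SHA256",
  "TLS_AES_128_CCM_8_SHA256",
];

// Jetty include entries are exact names or regular expressions matched against
// the whole suite name, so each entry is tested as an anchored regex.
function matchedTls13Suites(includeCipherSuites) {
  const patterns = includeCipherSuites.map((p) => new RegExp(`^(?:${p})$`));
  return TLS13_SUITES.filter((s) => patterns.some((re) => re.test(s)));
}

// Hypothetical lint: the { protocols, includeCipherSuites } shape is an assumption.
function lintJettyTls({ protocols, includeCipherSuites }) {
  if (!protocols.includes("TLSv1.3")) {
    return { ok: true, reason: "TLSv1.3 not enabled" };
  }
  if (includeCipherSuites.length === 0) {
    // No include list: the JVM's enabled suites are not filtered.
    return { ok: true, reason: "no include list" };
  }
  const matched = matchedTls13Suites(includeCipherSuites);
  return matched.length > 0
    ? { ok: true, reason: "TLSv1.3 suites included", matched }
    : { ok: false, reason: "TLSv1.3 enabled but include list has no TLSv1.3 suite" };
}

// Constructed sample configs (not the generator's real output).
const before = {
  protocols: ["TLSv1.2", "TLSv1.3"],
  includeCipherSuites: [
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
  ],
};
const after = {
  ...before,
  includeCipherSuites: ["TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384",
    ...before.includeCipherSuites],
};

console.log(lintJettyTls(before));
console.log(lintJettyTls(after));
```

A match is necessary but not sufficient: the running JVM must also implement the included suite.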