Hello
Using ORDS 24.4 with JDK 21, I'd like to add an additional ciphersuite for TLS 1.2 to use with some older clients that do not support the below (which is what nmap shows as ORDS 24's current TLS 1.2 ciphers).
* TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
* TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
I'd like to add an older option: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
I think getting this to work would be some combination of:
* a JDK that supports TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (not sure if 21 does or not)
* adjusting java.security for the JDK
* something to adjust the embedded Jetty 12 behaviour, probably one or more xml files
I'd appreciate if someone can point me in the correct direction.
Many thanks
Tim