We are using Oracle JDK version "1.8.0_381" and our application is using the default TLS provided. OS for customer setup: Linux | 3.10.0-1160.88.1.0.2.el7.x86_64.
The problem is that the customer is unable to connect a load balancer (called the redirect server) with our product DPA application server; it fails to establish a connection using the cipher "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" during the handshake. Our product is deployed on top of a JBoss server, and we use standalone.xml to provide the list of supported cipher suites. The order of the ciphers is as follows: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384".
Kindly confirm if the order for adding ciphers is accurate.
We collected a tcpdump of the customer setup. We found it is failing during the SSL handshake (err code 40). We tried to debug this issue using SSL handshake logs, but we couldn't see any failure message captured in the log files; also, the logs are very unusual.
Kindly respond as to why the failure message is not getting included in the SSL handshake logs while debugging.
I posted this query 4-5 days ago and have not heard anything to date. I opened another ticket 3 days ago to get some response, but that has been marked as a duplicate with reference to the older one. As this is something which holds high severity and needs attention urgently, I am reopening this concern.
Kindly assist us on this issue as soon as possible.
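
A diagnostic for the setup described in the post, added here as an example (it is not code from the poster or from the product): it checks each suite in the posted list, in the posted order, against what the running JVM's default `SSLContext` supports and enables, and prints the JVM's `jdk.tls.disabledAlgorithms` security property. The class name `CipherSuiteCheck` is hypothetical; the result reflects the JDK and `java.security` settings of whichever JVM runs it, so it assumes the same JDK as the application server.

```java
import java.security.Security;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

public class CipherSuiteCheck {
    // Cipher list copied from the post, in the order given for standalone.xml.
    static final String CONFIGURED =
        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,"
      + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,"
      + "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,"
      + "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384";

    // Classify one suite name against the JVM's supported and default-enabled sets.
    static String classify(String suite, Set<String> supported, Set<String> enabled) {
        if (!supported.contains(suite)) {
            return "NOT SUPPORTED by this JVM (check the name and the JDK build)";
        }
        if (!enabled.contains(suite)) {
            return "supported but NOT ENABLED by default";
        }
        return "supported and enabled";
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        SSLParameters defaults = ctx.getDefaultSSLParameters();
        Set<String> supported = new HashSet<>(
            Arrays.asList(ctx.getSupportedSSLParameters().getCipherSuites()));
        Set<String> enabled = new HashSet<>(Arrays.asList(defaults.getCipherSuites()));

        // Context needed to interpret the per-suite results below.
        System.out.println("java.version: " + System.getProperty("java.version"));
        System.out.println("default protocols: " + Arrays.toString(defaults.getProtocols()));
        System.out.println("jdk.tls.disabledAlgorithms: "
            + Security.getProperty("jdk.tls.disabledAlgorithms"));

        // Report each configured suite in its configured position.
        int position = 1;
        for (String suite : CONFIGURED.split(",")) {
            String name = suite.trim();
            System.out.printf("%d. %-45s %s%n", position++, name,
                classify(name, supported, enabled));
        }
    }
}
```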