We are using Oracle JDK version "1.8.0_381" and our application is using default TLS provided. OS for customer setup: Linux | 3.10.0-1160.88.1.0.2.el7.x86_64.
The problem is that the customer is unable to connect a loadbalancer (called as redirect server) with our product DPA application server, it fails to establish connection using cipher "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" during handshake. Our product is deployed on top of JBOSS server, and we use standalone.xml for providing list of cipher-suits supported. The order of ciphers are as follows: "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384".
Kindly confirm if the order for adding ciphers is accurate.
We collected tcpdump of customer setup. We found it is failing during SSL handshake (err code 40). We tried to debug this issue using SSL handshake logs, but we couldn't see any failure message captured in the log files also, the logs are very unusual.
Kindly respond why the failure message is not getting included in SSL handshake logs while debugging.