glassfish
  1. glassfish
  2. GLASSFISH-19349

Choosing SSL cipher suites in GlassFish admin GUI results in many "Unrecognized cipher" warnings in GlassFish log

    Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: 3.1.2.2
    • Fix Version/s: future release
    • Component/s: security
    • Labels:
      None

      Description

      Using the web admin GUI I went into the configuration of http-listener-2 which has SSL enabled. I went to the SSL tab and clicked the "select all" button for all cipher suites EXCEPT the 40 bit and 56 bit ciphers, and then pressed save. My goal is to disable the 40 bit and 56 bit ciphers. I noticed the following in my GlassFish log. Note that I already have the unlimited strength JCE installed in my JDK:

      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      INFO: Grizzly Framework 1.9.50 started in: 1ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
      WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
      INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_RSA_WITH_NULL_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_ECDSA_WITH_NULL_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_anon_WITH_RC4_128_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_anon_WITH_NULL_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_ECDSA_WITH_NULL_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_RSA_WITH_NULL_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_anon_WITH_AES_128_CBC_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_RSA_WITH_NULL_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_ECDSA_WITH_NULL_SHA].
      WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_RSA_WITH_NULL_SHA].

      Why did it offer cipher suites that are unrecognized in the first place? Which ones were actually used?

        Activity

        There are no comments yet on this issue.

          People

          • Assignee:
            JeffTancill
            Reporter:
            rdelaplante
          • Votes:
            4 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

            • Created:
              Updated: