[GLASSFISH-19349] Choosing SSL cipher suites in GlassFish admin GUI results in many "Unrecognized cipher" warnings in GlassFish log Created: 15/Nov/12  Updated: 24/Apr/14

Status: Open
Project: glassfish
Component/s: security
Affects Version/s: 3.1.2.2
Fix Version/s: future release

Type: Bug Priority: Major
Reporter: rdelaplante Assignee: JeffTancill
Resolution: Unresolved Votes: 4
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Using the web admin GUI I went into the configuration of http-listener-2 which has SSL enabled. I went to the SSL tab and clicked the "select all" button for all cipher suites EXCEPT the 40 bit and 56 bit ciphers, and then pressed save. My goal is to disable the 40 bit and 56 bit ciphers. I noticed the following in my GlassFish log. Note that I already have the unlimited strength JCE installed in my JDK:

INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
INFO: Grizzly Framework 1.9.50 started in: 1ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
INFO: WEB0169: Created HTTP listener [http-listener-2] on host/port [0.0.0.0:8181]
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_RC4_128_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDH_anon_WITH_AES_128_CBC_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_ECDSA_WITH_NULL_SHA
WARNING: WEB0309: Unrecognized cipher: TLS_ECDHE_RSA_WITH_NULL_SHA
INFO: Grizzly Framework 1.9.50 started in: 0ms - bound to [0.0.0.0:8181]
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_RSA_WITH_NULL_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_ECDSA_WITH_NULL_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_anon_WITH_RC4_128_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_anon_WITH_NULL_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_ECDSA_WITH_NULL_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_RSA_WITH_NULL_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDH_anon_WITH_AES_128_CBC_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_RSA_WITH_NULL_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_ECDSA_WITH_NULL_SHA].
WARNING: GRIZZLY0010: Unrecognized cipher [TLS_ECDHE_RSA_WITH_NULL_SHA].

Why did it offer cipher suites that are unrecognized in the first place? Which ones were actually used?


Generated at Sun Aug 30 14:24:37 UTC 2015 using JIRA 6.2.3#6260-sha1:63ef1d6dac3f4f4d7db4c1effd405ba38ccdc558.