Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] How to influence the "preferred cip
Ok, I just did that but did not see any difference.

Sure, it happened to work before and it works now with your "well-behaved" client, which is what I would expect. It's just added insurance in situations where a client is deliberately trying to downgrade encryption for some nefarious purpose.

Anyway: isn't it always the server who decides which cipher to use from the list of supported ciphers provided by the client?

Normally, yes, but that flag changes the behavior to prefer the server's cipher ordering. The behavior is documented in the "Cipher Suite Preference" section of https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html.

M

Back to the top