How can I determine which cipher suites are supported by Wildlfly 10?
The documentation just states that there is an option "enabled-cipher-suites".
Background: I'm trying to configure various cipher suites. Example:
<https-listener name="default-ssl" socket-binding="https" security-realm="SslRealm" enabled-cipher-suites="TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" enabled-protocols="TLSv1.2"/>
Java version:
openjdk version "1.8.0_151"
OpenJDK Runtime Environment (build 1.8.0_151-b12)
OpenJDK 64-Bit Server VM (build 25.151-b12, mixed mode)
When I list the availables ciphers for the JVM using this method the cipher suite is available.
When starting WildFly no connection is available with a browser and nmap also does not list any available ciphers (using nmap --script ssl-enum-ciphers -p PORT HOSTNAME)
There is a list (capture from the Internet Archive) by someone who used a tool to determine the version, but I think there should be a solution using Wildfly documentation or tools only.
As it turned out my problem was rather trivial. The JVM which reported the availability of the cipher suite was version 1.8.0_151. But the Wildfly used another JVM with verson 1.8.0_141 which did not support the cipher.
Updating the JVM to at least 1.8.0_151 fixed the problem.