On Tue, 23 Aug 2022 21:48:46 GMT, Xue-Lei Andrew Fan <xue...@openjdk.org> wrote:
>> I think Weibing is trying to achieve a balance here - the current TLS logs >> are quite verbose. I'm not sure if we need verbose SSLServerSocket info for >> every server socket operation. The current approach is to print the >> SSLServerSocket details when a handshake fails due to a >> ciphersuite/keyexchange config issue > > Thanks for the comments. I'm not sure if it is really helpful for developers > to understand and debug the failure by reading the additionally dumped cipher > suites and/or key exchange configuration. Given the server cipher suites > TLS_AES_128_GCM_SHA256, can one really know the failure reason exactly? The cipher suite enabled on the server side is not logged when "no common in cipher suites" error is thrown. Hope the developer could find the difference in the cipher suites between client and server. ------------- PR: https://git.openjdk.org/jdk/pull/9731
