Hi, We are running Tomcat 6.0.37 and Java JDK 1.6.0_60 We recently upgraded to JDK 1.6.0_75 and recieved below error at several places javax.net.ssl.SSLException: Fatal Alert received: Handshake Failure
We debugged and after analysis found that if we remove below 3 ciphers suits from server.xml file TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA SSL_RSA_WITH_3DES_EDE_CBC_SHA The error is no more seen. I need your opinion in order to proceed with the changes. 1.What will be the effect of removing these cipher? 2. Found this link on ciphers http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html The cipher codes I mentioned above have been marked as 'X'. Most of the cipher codes mentioned in my server.xml are marked as 'X'. So I am confused as to am I on correct path of removing these problematic cipher from server.xml or not. Can you help in answering the 2 questions above? Thanks for your help in advance. -Utkarsh
