The default Cipher suites are supported with TLS v1.2 in fact those ciphers require TLSv1.2. O
-
Confirm you are using a new install of developer tools from the patch.
-
Check the lax.nl.current.vm= in RhythmyxWorkbench.lax of the developer tools install you are running is pointing to to the correct JVM in the developer tools install. On a clean install this is relative to the current directory in example Current Directory is Rhythmyx so if the folder was modified it may not find this
lax.nl.current.vm=…\Rhythmyx\JRE\bin\java.exe
If the vm is not found the startup executable will fall back to base jvm on the system which may be Java 7 and will not work.
-
Check what the signature algorithm for the Certificate is. To support TLSv1.2 you may need to have “SHA-256 with RSA”. SHA-1 certificates are deprecated due to security risk and will not work with TLSv1.2
https://stackoverflow.com/questions/25810999/check-if-my-ssl-certificate-is-sha1-or-sha2
-
When the service is stopped start jetty with the following. It adds a lot if information after startup to the log and close to the start of this dump it reports the effective enabled and disabled protocols. This should identify if the problem is on the server or certificate or the client.
./JettysStart.sh jetty.server.dumpAfterStart=true
All the strong ciphers included in the list require TLSv1.2. The GCM ciphers are only in Java 1.8, and the CBC Ciphers are in Java 1.7 but Java v1.7 requires TLSv1.2 to be enabled with a system property. The current version of the Workbench is working to connect using these ciphers against the current tomcat with this configuration.
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
| += SslConnectionFactory@4b741d6d{SSL-\>http/1.1} - STARTED | | += SslContextFactory@6344004d(file:///C:/RX\_732/jetty/base/etc/keystore,file:///C:/RX\_732/jetty/base/etc/keystore) trustAll=false | | | +- Protocol Selections | | | | +- Enabled (size=1) | | | | | +- TLSv1.2 | | | | +- Disabled (size=4) | | | | +- SSLv2Hello - ConfigExcluded:'SSLv2Hello', ConfigIncluded:NotSpecified | | | | +- SSLv3 - JreDisabled:java.security, ConfigExcluded:'SSLv3', ConfigIncluded:NotSpecified | | | | +- TLSv1 - ConfigIncluded:NotSpecified | | | | +- TLSv1.1 - ConfigIncluded:NotSpecified | | | +- Cipher Suite Selections | | | +- Enabled (size=4) | | | | +- TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_CBC\_SHA256 | | | | +- TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_GCM\_SHA256 | | | | +- TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA256 | | | | +- TLS\_ECDHE\_RSA\_WITH\_AES\_128\_GCM\_SHA256 | | | +- Disabled (size=53) | | | +- SSL\_DHE\_DSS\_EXPORT\_WITH\_DES40\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_DHE\_DSS\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_DHE\_DSS\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_DHE\_RSA\_EXPORT\_WITH\_DES40\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_DHE\_RSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_DHE\_RSA\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_DH\_anon\_EXPORT\_WITH\_DES40\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_DH\_anon\_WITH\_3DES\_EDE\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_DH\_anon\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_RSA\_EXPORT\_WITH\_DES40\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_RSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_RSA\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_RSA\_WITH\_NULL\_MD5 - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- SSL\_RSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_DHE\_DSS\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_DHE\_DSS\_WITH\_AES\_128\_CBC\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_DHE\_DSS\_WITH\_AES\_128\_GCM\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_DHE\_RSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_DHE\_RSA\_WITH\_AES\_128\_CBC\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_DHE\_RSA\_WITH\_AES\_128\_GCM\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_DH\_anon\_WITH\_AES\_128\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_DH\_anon\_WITH\_AES\_128\_CBC\_SHA256 - JreDisabled:java.security, ConfigIncluded:NotSpecified | | | +- TLS\_DH\_anon\_WITH\_AES\_128\_GCM\_SHA256 - JreDisabled:java.security, ConfigIncluded:NotSpecified | | | +- TLS\_ECDHE\_ECDSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDHE\_ECDSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDHE\_RSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDHE\_RSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_ECDSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_ECDSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_ECDSA\_WITH\_AES\_128\_CBC\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_ECDSA\_WITH\_AES\_128\_GCM\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_ECDSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_RSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_RSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_RSA\_WITH\_AES\_128\_CBC\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_RSA\_WITH\_AES\_128\_GCM\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_RSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_anon\_WITH\_3DES\_EDE\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_anon\_WITH\_AES\_128\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_ECDH\_anon\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_EMPTY\_RENEGOTIATION\_INFO\_SCSV - ConfigIncluded:NotSpecified | | | +- TLS\_KRB5\_EXPORT\_WITH\_DES\_CBC\_40\_MD5 - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_KRB5\_EXPORT\_WITH\_DES\_CBC\_40\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_KRB5\_WITH\_3DES\_EDE\_CBC\_MD5 - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_KRB5\_WITH\_3DES\_EDE\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_KRB5\_WITH\_DES\_CBC\_MD5 - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_KRB5\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$', ConfigIncluded:NotSpecified | | | +- TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256 - ConfigIncluded:NotSpecified | | | +- TLS\_RSA\_WITH\_NULL\_SHA256 - JreDisabled:java.security, ConfigIncluded:NotSpecified | | +~ org.eclipse.jetty.jmx.MBeanContainer@4c60d6e9
if the perc.ssl.includeCiphers value in jetty/etc/installation.properties is blank the server will use the configured default for jetty which is updated with jetty versions, this is currently the following with TLSv1.2
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,TLS_DHE_DSS_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_EMPTY_RENEGOTIATION_INFO_SCSV,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_GCM_SHA256
| +- Protocol Selections
| | | | +- Enabled (size=1)
| | | | | +- TLSv1.2
| | | | +- Disabled (size=4)
| | | | +- SSLv2Hello - ConfigExcluded:'SSLv2Hello', ConfigIncluded:NotSpecified
| | | | +- SSLv3 - JreDisabled:java.security, ConfigExcluded:'SSLv3', ConfigIncluded:NotSpecified
| | | | +- TLSv1 - ConfigIncluded:NotSpecified
| | | | +- TLSv1.1 - ConfigIncluded:NotSpecified
| | | +- Cipher Suite Selections
| | | +- Enabled (size=15)
| | | | +- TLS\_DHE\_DSS\_WITH\_AES\_128\_CBC\_SHA256
| | | | +- TLS\_DHE\_DSS\_WITH\_AES\_128\_GCM\_SHA256
| | | | +- TLS\_DHE\_RSA\_WITH\_AES\_128\_CBC\_SHA256
| | | | +- TLS\_DHE\_RSA\_WITH\_AES\_128\_GCM\_SHA256
| | | | +- TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_CBC\_SHA256
| | | | +- TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_GCM\_SHA256
| | | | +- TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA256
| | | | +- TLS\_ECDHE\_RSA\_WITH\_AES\_128\_GCM\_SHA256
| | | | +- TLS\_ECDH\_ECDSA\_WITH\_AES\_128\_CBC\_SHA256
| | | | +- TLS\_ECDH\_ECDSA\_WITH\_AES\_128\_GCM\_SHA256
| | | | +- TLS\_ECDH\_RSA\_WITH\_AES\_128\_CBC\_SHA256
| | | | +- TLS\_ECDH\_RSA\_WITH\_AES\_128\_GCM\_SHA256
| | | | +- TLS\_EMPTY\_RENEGOTIATION\_INFO\_SCSV
| | | | +- TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA256
| | | | +- TLS\_RSA\_WITH\_AES\_128\_GCM\_SHA256
| | | +- Disabled (size=42)
| | | +- SSL\_DHE\_DSS\_EXPORT\_WITH\_DES40\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_DHE\_DSS\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_DHE\_DSS\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_DHE\_RSA\_EXPORT\_WITH\_DES40\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_DHE\_RSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_DHE\_RSA\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_DH\_anon\_EXPORT\_WITH\_DES40\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_DH\_anon\_WITH\_3DES\_EDE\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_DH\_anon\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_RSA\_EXPORT\_WITH\_DES40\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_RSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_RSA\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_RSA\_WITH\_NULL\_MD5 - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- SSL\_RSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_DHE\_DSS\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_DHE\_RSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_DH\_anon\_WITH\_AES\_128\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_DH\_anon\_WITH\_AES\_128\_CBC\_SHA256 - JreDisabled:java.security
| | | +- TLS\_DH\_anon\_WITH\_AES\_128\_GCM\_SHA256 - JreDisabled:java.security
| | | +- TLS\_ECDHE\_ECDSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDHE\_ECDSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDHE\_ECDSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDHE\_RSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDHE\_RSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDHE\_RSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_ECDSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_ECDSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_ECDSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_RSA\_WITH\_3DES\_EDE\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_RSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_RSA\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_anon\_WITH\_3DES\_EDE\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_anon\_WITH\_AES\_128\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_ECDH\_anon\_WITH\_NULL\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_KRB5\_EXPORT\_WITH\_DES\_CBC\_40\_MD5 - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_KRB5\_EXPORT\_WITH\_DES\_CBC\_40\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_KRB5\_WITH\_3DES\_EDE\_CBC\_MD5 - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_KRB5\_WITH\_3DES\_EDE\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_KRB5\_WITH\_DES\_CBC\_MD5 - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_KRB5\_WITH\_DES\_CBC\_SHA - JreDisabled:java.security, ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_RSA\_WITH\_AES\_128\_CBC\_SHA - ConfigExcluded:'^.\*\_(MD5|SHA|SHA1)$'
| | | +- TLS\_RSA\_WITH\_NULL\_SHA256 - JreDisabled:java.security