
My key is in RSA format, and the certificate Signature Algorithm is sha256WithRSAEncryption. With Bouncy Castle FIPS enabled, I saw only 4 TLS_ECDHE_RSA_xxx ciphers supported for TLS 1.2:

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

But according to https://downloads.bouncycastle.org/fips-java/BC-FJA-(D)TLSUserGuide-1.0.0.pdf, the TLS_RSA_WITH_xxx suites on the Appendix B supported list should also be available in my case, such as TLS_RSA_WITH_AES_256_CBC_SHA256. Any idea why I didn't see it? Is there any way to turn it on? I am using the Java implementation.

huican
  • check [this](https://stackoverflow.com/questions/33089150/enable-tlsv1-2-and-tls-rsa-with-aes-256-cbc-sha256-cipher-suite)? – kelalaka Oct 25 '18 at 21:36
  • How/where did you 'see' this? Did you test this server with ssllabs, or nmap+ssl-enum-ciphers? (FYI: the key type in your cert does affect ciphersuites but the signature alg does not, although it can affect whether clients trust your server, entirely independent of and separate from the ciphersuite(s).) – dave_thompson_085 Oct 25 '18 at 23:20
  • Possibly the key usage doesn't allow encryption. The TLS_ECDHE_ ciphersuites require authentication (signature generation) while the TLS_RSA_ ones require encryption using the public key. – Maarten Bodewes Oct 26 '18 at 02:47
