- Newest
- Most votes
- Most comments
Hi,
The enabled cipher suites depend on your Java installation, you can follow https://support.azul.com/hc/en-us/articles/360061894852-Which-security-protocols-and-cipher-suites-are-enabled-in-a-specific-Java-Release-bundle in order to see what cipher suites are included as supported by your Java installation.
Hi, I just tried the suggested method and TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 and TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 are part of the list of supported ciphers. Any other debugging suggestion? Thanks!
Only TLS v1.2 is supported by Greengrass for security. Does your device support TLS v1.2?
Please also provide the list of supported ciphers from your Java installation as well as the client device.
Please also provide the full logs from Greengrass prior to and including the cipher error.
Look for any other warnings or errors.
Hi, I attached GG log and list of ciphers from the Java installation and the client (from the SSL handshake) here: https://www.transfernow.net/dl/20220707OJeeNbgh. Yes, the device supports TLS v1.2.
I also checked the server certificate used by the broker using this command: openssl s_client -showcerts -connect localhost:8883 and it seems to be ECDHE-RSA-AES256-GCM-SHA384. Maybe this is the issue? Then how can I configure the MQTT broker to use ECDSA?
Relevant content
- Accepted Answerasked 2 years ago
- Accepted Answerasked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 2 years ago
Hi, the page you linked is for Greengrass V1 only as shown in the banner at the top.