ECDHE cipher suites not supported on OpenJDK 8 installed on EC2 Linux machine

Question

When starting jetty-distribution-9.3.0.v20150612 with openjdk 1.8.0_51 running on an EC2 Amazon Linux machine, is prints that all configured ECDHE

Answer 1

So I'm running a similar setup, with an AWS box running openjdk-1.8.0.51. what solved it for me is to add bouncycastle as a provider like so:

• Add the bcprov-.jar to /usr/lib/jvm/jre/lib/ext

• Edit /usr/lib/jvm/jre/lib/security/java.security adding the following line to the list of providers:

  security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider
  

(I added it as the 6th entry but you can add higher in the order if you prefer)

Restarted my application and was able to use EC-based cipher suites such as TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.