Description
Describe the bug
A clear and concise description of what the bug is.
Looking into a different problem I spotted the following
ZWEAZS1:main:33620384 [35mZWESVUSR [0;39m
[36mWARN [0;39m ((o.a.t.u.n.j.JSSEUtil))
Tomcat interprets the [ciphers] attribute in
a manner consistent with the latest OpenSSL
development branch. Some of the specified
[ciphers] are not supported by the configured
SSL engine for this connector (which may use
JSSE or an older OpenSSL version) and have
been skipped:
[[TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256]]
They are listed in the startup under server_ciphers=...
These ciphers should not be in the shipped list of cipher specs.