Tomcat (9.0.48)Not starting with TLSv1.3 and explicit ciphers in server.xml :SSL routines:SSL_CTX_set_cipher_list:no cipher match for JDK11 app

Question

<Connector port=443
           protocol="org.apache.coyote.http11.Http11Nio2Protocol"
           maxThreads="150" SSLEnabled="true"
           sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImplementation">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig protocols="TLSv1.3" ciphers="TLS_AES_128_GCM_SHA256">
        <Certificate certificateKeyFile="conf/certs/key.pem"
                     certificateFile="conf/certs/cert.pem"
                     type="RSA" />
    </SSLHostConfig>
    </Connector>

Error:

16-Aug-2021 16:50:42.662 WARNING [main] org.apache.tomcat.util.net.openssl.OpenSSLContext.init Error initializing SSL context
        java.lang.Exception: Unable to configure permitted SSL ciphers (error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)
                at org.apache.tomcat.jni.SSLContext.setCipherSuite(Native Method)
                at org.apache.tomcat.util.net.openssl.OpenSSLContext.init(OpenSSLContext.java:245)
                at org.apache.tomcat.util.net.SSLUtilBase.createSSLContext(SSLUtilBase.java:246)
                at org.apache.tomcat.util.net.AbstractJsseEndpoint.createSSLContext(AbstractJsseEndpoint.java:97)
                at org.apache.tomcat.util.net.AbstractJsseEndpoint.initialiseSsl(AbstractJsseEndpoint.java:71)
                at org.apache.tomcat.util.net.Nio2Endpoint.bind(Nio2Endpoint.java:141)
                at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1208)
                at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1221)
                at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:603)
                at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:80)
                at org.apache.catalina.connector.Connector.initInternal(Connector.java:1046)
                at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
                at org.apache.catalina.core.StandardService.initInternal(StandardService.java:561)
                at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
                at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1049)
                at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
                at org.apache.catalina.startup.Catalina.load(Catalina.java:724)
                at org.apache.catalina.startup.Catalina.load(Catalina.java:746)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                at java.base/java.lang.reflect.Method.invoke(Method.java:566)
                at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:305)
                at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:475)

Is the choice of TLS ciphers not yet supported in Tomcat if we use TLSv1.3?

Answer 1

Your hypothesis is partially correct: it is not possible to restrict the TLSv1.3 ciphersuites if you use OpenSSL (cf. discussion on tomcat-users).

OpenSSL uses different functions to set the cipher suites for TLSv1.3 and the previous versions: *_set_ciphersuites for TLSv1.3 and *_set_cipher_list for TLSv1.2 and lower, cf. man page. The Tomcat Native Library only uses the second set of functions (cf. source code).

On the other hand JSSE does not discriminate between TLSv1.2 and TLSv1.3 cipher suites (see JSSE Cipher Suites Names), so your configuration will work if you change SSL implementation:

<Connector port=443
           SSLEnabled="true"
           protocol="org.apache.coyote.http11.Http11Nio2Protocol"
           sslImplementationName="org.apache.tomcat.util.net.jsse.JSSEImplementation">
    <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
    <SSLHostConfig protocols="TLSv1.3" ciphers="TLS_AES_128_GCM_SHA256">
        <Certificate certificateKeyFile="conf/certs/key.pem"
                     certificateFile="conf/certs/cert.pem"
                     type="RSA" />
    </SSLHostConfig>
</Connector>