Handshake simulator should "fail" for Java6 and DHE-RSA-AES128-SHA for DH param> 1024

Discussion created by sjansen on Nov 27, 2013
Latest reply on Dec 2, 2013 by Ivan Ristić



The handshake simulation should fail for Java 6 when using Cipher TLS_DHE_RSA_WITH_AES_128_CBC_SHA when the DH parameter are >1024 bit.


Java cannot connect in that case: java.lang.RuntimeException: Could not generate DH keypair


This is a topic now, because the recently released Apache 2.4.7 now uses DH parameters which include primes    with lengths of more than 1024 bits.



See here:

"Why do I get handshake failures with Java-based clients when using a certificate with more than 1024 bits?"