The SSLSocketFactory has a list of SupportedCiphers and a list of Default Ciphers that are Enabled.
What GlassFish is currently showing is the list of Default Ciphers that are enabled. So by selecting/unselecting things in admin-console you can only subset the existing Default List.
Here is what the javadoc mentions :
-------------------------------------------------
public abstract String[] getSupportedCipherSuites()
Returns the names of the cipher suites which could be enabled for use on an SSL connection. Normally, only a subset of these will actually be enabled by default, since this list may include cipher suites which do not meet quality of service requirements for those defaults. Such cipher suites are useful in specialized applications.
-------------------------------------------------
public abstract String[] getDefaultCipherSuites()
Returns the list of cipher suites which are enabled by default. Unless a different list is enabled, handshaking on an SSL connection will use one of these cipher suites. The minimum quality of service for these defaults requires confidentiality protection and server authentication (that is, no anonymous cipher suites).
Returns:
array of the cipher suites enabled by default
----------------------------------------------------------
I will need to check with our experts on the precise reason why the Admin console is not showing all the supported ciphers (Maybe it has got something to do with the statement in javadoc above about Cipher suites which do not meet QOS requirements) .
Please file an Issue on GlassFish with some description of the CipherSuite that are causing a Failure and please provide the Exception (stack-traces if any).
Thanks.
[Message sent by forum member 'kumarjayanti' (kumarjayanti)]
http://forums.java.net/jive/thread.jspa?messageID=277179