apache-karaf jbossfuse undertow

Can not secure 7.3 fuse console with undertow server


We followed the guidelines in the link below in order to secure the Undertow HTTP server (the same steps have been followed for Fuse 7.2 and we have the same issue). https://access.redhat.com/documentation/en-us/red_hat_fuse/7.3/html/apache_karaf_security_guide/webconsole

When we start our server, we see the entry "Starting undertow https listener on 0.0.0.0:8943". But when we try to visit the link https://localhost:8943/hawtio, we get the error below in Chrome.

    This site can’t provide a secure connection
    localhost uses an unsupported protocol.
    ERR_SSL_VERSION_OR_CIPHER_MISMATCH
    Unsupported protocol
    The client and server don't support a common SSL protocol version or cipher suite.

Our certificate has been tested with the Undertow server of WildFly and it works without any problem, so we believe that we have followed the guidelines correctly. Also, our REST services can exchange HTTPS messages without any problem. In the links below you can find 2 configuration files. https://quickfileshare.org/Yfx/org.ops4j.pax.web.cfg

https://quickfileshare.org/Yfy/undertow.xml

Have we overlooked any configuration step?


Solution

  • You have:

    <w:engine
            enabled-cipher-suites="TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
            enabled-protocols="TLSv1 TLSv1.1 TLSv1.2 SSLv3.0" />
    

    Please verify if Chrome supports the above strong cipher suites.
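One way to run the check suggested above offline, as an added example that is not part of the original question or answer: it reads the `enabled-cipher-suites` and `enabled-protocols` attributes of the `engine` element and compares them with the suites a client offers. The wrapper element, the placeholder namespace URI and the client suite list are constructed assumptions; take the real client list from the browser's ClientHello.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the <w:engine> element quoted in the answer, wrapped in a
# hypothetical root element. The namespace URI is a placeholder, not the real one.
SAMPLE_XML = """
<realm xmlns:w="urn:example:placeholder">
  <w:engine
      enabled-cipher-suites="TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"
      enabled-protocols="TLSv1 TLSv1.1 TLSv1.2 SSLv3.0" />
</realm>
"""

# Assumption: suites one client offers, in IANA/JSSE naming. Constructed for
# illustration; replace with the list seen in the real client's ClientHello.
SAMPLE_CLIENT_SUITES = {
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
}

# Protocol names from the Java Security Standard Algorithm Names list.
JSSE_PROTOCOLS = {"SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}
# SSLv3 is prohibited by RFC 7568; TLS 1.0 and 1.1 are deprecated by RFC 8996.
DEPRECATED = {"SSLv3", "TLSv1", "TLSv1.1"}


def audit_engine(xml_text, client_suites):
    """Report what the engine enables and what a given client could negotiate."""
    root = ET.fromstring(xml_text)
    # Match on the local name so the check does not depend on the namespace URI.
    engine = next((e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == "engine"), None)
    if engine is None:
        raise ValueError("no engine element found")
    suites = engine.get("enabled-cipher-suites", "").split()
    protocols = engine.get("enabled-protocols", "").split()
    common = [s for s in suites if s in client_suites]
    return {
        "common_suites": common,
        "handshake_possible": bool(common),
        "unknown_protocols": [p for p in protocols if p not in JSSE_PROTOCOLS],
        "deprecated_protocols": [p for p in protocols if p in DEPRECATED],
    }


if __name__ == "__main__":
    for key, value in audit_engine(SAMPLE_XML, SAMPLE_CLIENT_SUITES).items():
        print(f"{key}: {value}")
```

An empty `common_suites` list for the client in question corresponds to the "no common cipher suite" condition reported in the browser error.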