I upgraded Jetty server version in my application from 9.3.6.v20151106 to 9.4.6.v20170531. This was done to get the HSTS support and other possible improvements.
However, after I made the changes I am not able to launch my application's UI, and I get the error "ERR_SSL_VERSION_OR_CIPHER_MISMATCH" in Chrome (60.0.3112.113) and "SSL_ERROR_NO_CYPHER_OVERLAP" in Firefox (55.0.3 (32-bit)).
While in Internet Explorer (11.0.9600.18697) it launches correctly!
What is it that I am missing about Jetty Server upgrade to make it work on all browsers?
Update
I checked the debug output of class org.eclipse.jetty.util.ssl.SslContextFactory and it is huge. Here is the summary:
It selects TLS 1.2 with both Jetty versions. It selects TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA with Jetty 9.3.6, whereas with Jetty 9.4.6 its selection reduces to TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256. This is strange because we are setting all four ciphers with the setter methods for both Jetty versions.
Why is it refusing to set the other two?
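
A diagnostic sketch for the situation described in the question, added here and not part of the original post: it takes the four suites from the question and reports, for each one, whether it survives filtering by an exclusion list, since in Jetty's `SslContextFactory` an exclusion wins over an include. The class name `CipherSelectionCheck` and the exclusion regex are assumptions; read the real patterns from `SslContextFactory.getExcludeCipherSuites()` on the running server.

```java
import java.util.*;
import java.util.regex.Pattern;
import javax.net.ssl.SSLContext;

public class CipherSelectionCheck {
    // The four suites named in the question (the application's include list).
    static final List<String> INCLUDES = Arrays.asList(
        "TLS_RSA_WITH_AES_256_CBC_SHA256", "TLS_RSA_WITH_AES_128_CBC_SHA256",
        "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA");

    // ASSUMPTION: an exclusion regex used for illustration. Replace it with the
    // values returned by SslContextFactory.getExcludeCipherSuites().
    static final List<String> EXCLUDES = Arrays.asList("^.*_(MD5|SHA|SHA1)$");

    /** Maps each requested suite to "selected" or to the reason it was dropped. */
    static Map<String, String> explain(Collection<String> supported,
                                       List<String> includes, List<String> excludes) {
        Map<String, String> result = new LinkedHashMap<>();
        for (String suite : includes) {
            String verdict = supported.contains(suite)
                ? "selected" : "not supported by this JVM";
            for (String regex : excludes) {
                // Whole-name match: a name ending in "_SHA" matches the
                // assumed pattern, a name ending in "_SHA256" does not.
                if (Pattern.matches(regex, suite)) {
                    verdict = "excluded by " + regex;
                }
            }
            result.put(suite, verdict);
        }
        return result;
    }

    public static void main(String[] args) throws Exception {
        // Suites the local JSSE provider can offer at all.
        Set<String> supported = new HashSet<>(Arrays.asList(
            SSLContext.getDefault().getSupportedSSLParameters().getCipherSuites()));
        explain(supported, INCLUDES, EXCLUDES)
            .forEach((suite, why) -> System.out.println(suite + " -> " + why));
    }
}
```

Comparing this report with the suites the failing browsers offer in their ClientHello (visible in a packet capture) shows whether any suite is left in common after filtering.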