When an RMI connection is established between an agent and a server, the agent and server negotiate the protocol and cipher to use

Each agent and server has a list of protocols and ciphers that it supports. The strongest protocol and cipher that is common to both the agent list and server list is selected for the TLS channel.

By default, RMI agents and servers are configured to accept only TLSv1.2 connections with the following ciphers.

  • TLS_DHE_DSS_WITH_AES_128_GCM_SHA256

  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256