SSL support has recently been added for Aioserver. Tested on myssl.com, about "client handshake impersonation" found IE8 xp tls1.0 : handshake failed (server disconnected)
I tried again. Baidu.com and Taobao.com, about IE8 xp tls1.0, can shake hands successfully, using the "Cryptographic Suite": Tls_rsa_with_3des_ede_cbc_sha
Although IE8 now use less, but there should be some users in the domestic use, then find a way to let Java 8 support IE8 tls1.0 access it.
I've listed 65 available cryptographic suites by calling Sslengine.getsupportedciphersuites (), but none of them is related to 3DES.
Google a bit to find this article: https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html
The general meaning is to disable "Encryption Suite" by default in Java 8: "Ssl_rsa_with_3des_ede_cbc_sha".
Then go on to find out how to turn on "Ssl_rsa_with_3des_ede_cbc_sha" and find the answer:
Open the Security policy file in folder {Java_home}/jre/lib/security: java.security, modify the JDK.TLS.DISABLEDALGORITHMS option.
Jdk.tls.disabledAlgorithms default value for Java8:
1024x768224, DES40_CBC, rc4_40, 3DES_EDE_CBC
To turn on Ssl_rsa_with_3des_ede_cbc_sha, comment out the 3DES_EDE_CBC:
1024x768224, DES40_CBC, rc4_40#, 3DES_EDE_CBC
In this case, call Sslengine.getsupportedciphersuites () lists 76 available cryptographic suites, the number of previously available encryption suites is 65.
The extra 12 available cryptographic suites are 3DES-related cryptographic suites: Tls_ecdhe_ecdsa_with_3des_ede_cbc_sha, Tls_ecdhe_rsa_with_3des_ede_cbc_sha, SSL _rsa_with_3des_ede_cbc_sha, ...
By testing just add Ssl_rsa_with_3des_ede_cbc_sha to support XP IE8 tls1.0 handshake.
About the normal access of Tls_rsa_with_3des_ede_cbc_sha support XP IE8 tls1.0 under Java 8