I have a question, too...
We recently ran into issues at 2 customer sites where calls from our .NET Core service using HttpClient fails with Handshake error (40) when posting to an https Apache server. We confirmed no "available" cipher suites in the CLient Hello were accepted by the server. The odd thing is that Postman can run from that same server and it DOES have an acceptable cipher. The one in question that we saw accepted by Postman Client Hello is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and this one ISN'T offered in "our" call (.NET COre 2.8 HttpClient).
We have seen this on both Server 2012 R2 and Server 2016 Standard. I can maybe understand 2012 R2 failing, because it doesn't look like this cipher is available in that OS, but then why does Postman work?
Is there any way to enable this cipher in 2012 R2?
What about 2016? Is it possible that cipher is allowed but just disabled?
This is all a little fuzzy for me still. Also, what tools are you using to see this information above (SSL Cipher Suite Order)?
Thanks in advance,
Jason