2
votes

In my requirement specifications it is written:

TLS implementations supporting these security frameworks shall implement at least the following ciphersuite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

Java says it provides an implementation of this ciphersuite at TLSv1.2 in Java 7.

I am new to security, so I don't know how to use it.

On my client side, I am using:

sslcontext = SSLContexts.custom()
        .loadTrustMaterial(..)
        .loadKeyMaterial(..)
        .useProtocol("TLSv1.2")
        .build();

What I have learnt from Google is that the client offers a range of options to the server and the server needs to pick one of them. Please correct me if I am wrong.

Now I want to specify it on the server side. I don't know what to do if I am using Jetty with a secured connector:

<Call name="addConnector">
     <Arg>
       <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
         <Arg>
           <New class="org.eclipse.jetty.http.ssl.SslContextFactory">
             <Set name="KeyStore">./etc/keystores/server.jks</Set>
             <Set name="KeyStorePassword">password</Set>
             <Set name="KeyManagerPassword">password</Set>
             <Set name="TrustStore">./etc/keystores/trust_store.jks</Set>
             <Set name="TrustStorePassword">password</Set>
             <Set name="wantClientAuth">true</Set>
             <Set name="needClientAuth">true</Set>
           </New>
         </Arg>
         <Set name="port">8443</Set>
         <Set name="maxIdleTime">30000</Set>
       </New>
     </Arg>
</Call> 

It works.

If I add the following, which will enable TLSv1.1:

<Set name="excludeProtocols">
  <Array type="java.lang.String">
    <Item>SSLv3</Item>
    <Item>TLSv1.2</Item>
    <Item>TLSv1</Item>
    <Item>SSLv2Hello</Item>
  </Array>
</Set>

it will give an error:

executing requestGET https://localhost:8443/ HTTP/1.1
Exception in thread "main" javax.net.ssl.SSLHandshakeException: Server chose TLSv1.1, but that protocol version is not enabled or not supported by the client.

But if I allow only TLSv1.2, it runs:

<Set name="excludeProtocols">
  <Array type="java.lang.String">
    <Item>SSLv3</Item>
    <Item>TLSv1.1</Item>
    <Item>TLSv1</Item>
    <Item>SSLv2Hello</Item>
  </Array>
</Set>

But here, if I specify the protocol along with the ciphersuite specification:

<Set name="IncludeCipherSuites">
  <Array type="java.lang.String">
    <Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</Item>
  </Array>
</Set>

I get the following exception:

Exception in thread "main" javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:912)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1294)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1321)
    at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1305)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:394)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:353)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:134)
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:353)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:380)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:107)
    at client.ClientCustomSSL.main(ClientCustomSSL.java:69)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
    at sun.security.ssl.InputRecord.read(InputRecord.java:352)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
    ... 16 more

The next thing I tried is using a factory on the client side:

SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(
        sslcontext,
        new String[]{"TLSv1.2"},
        sslcontext.getDefaultSSLParameters().getCipherSuites(),
        SSLConnectionSocketFactory.getDefaultHostnameVerifier());

And I have printed these ciphersuites on my screen.

sslcontext.getDefaultSSLParameters().getCipherSuites()

Then I excluded all those ciphersuites except "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"; it gave me an error.

<Set name="ExcludeCipherSuites">
  <Array type="java.lang.String">
    <Item>...</Item>
    <!--
    <Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</Item>
    -->
  </Array>
</Set>

But if I exclude all except "TLS_RSA_WITH_AES_128_CBC_SHA256", it worked.

<Set name="ExcludeCipherSuites">
  <Array type="java.lang.String">
    <Item>...</Item>
    <!--
    <Item>TLS_RSA_WITH_AES_128_CBC_SHA256</Item>
    -->
  </Array>
</Set>

It means some ciphersuites are supported by Jetty while some are not.

Is that so? Do we have any such list? Or is there any other way to do it? Please guide. I want to use this ciphersuite for this handshake, but I don't know how to do it.

1
Might want to enable Java SSL debugging and see if the client and/or server are doing what you expect. Add -Djavax.net.debug=all to your client java command line. - Joakim Erdfelt
Thanks for your response, but I was not able to understand its output. - HimanshuR
But one important point I want to add here: I have changed the cipher suite and it worked. Is there any list of which suites are supported by Jetty and which are not? I have updated my question with it. - HimanshuR
@HimanshuR Jetty doesn't support cipher suites. It is JSSE that supports cipher suites, and they are all listed here. - user207421

1 Answer

0
votes

As mentioned, I need to enable the ciphersuite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, which is not working, but TLS_RSA_WITH_AES_128_CBC_SHA256 works.

On further study, I got to know that it might be because of the key algorithm used to create the certificate.

I had used RSA as the keyalg for certificate creation in keytool, which does not support TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 but does support TLS_RSA_WITH_AES_128_CBC_SHA256.

So, I have used EC as the keyalg, which supports TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256.
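
The key-type mismatch described in this answer can be checked before starting the server. The following is an added example, not part of the original answer and not Jetty or JSSE code: it reads the key algorithm of each private-key entry in a keystore, derives the key type a TLS 1.2 suite name requires, and also prints whether JSSE implements the suite. The class name SuiteKeyCheck and the helper requiredKeyAlg are hypothetical; without arguments it uses a constructed in-memory RSA key as a stand-in for a keytool -keyalg RSA entry, and the name parsing goes slightly beyond the two suites in the question (static ECDH, anonymous and DSS names).

```java
import java.io.FileInputStream;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.SSLContext;

public class SuiteKeyCheck {
    // Key algorithm the server certificate must carry, read from a TLS 1.2 suite
    // name (TLS_<key exchange>_<authentication>_WITH_...); null if not encoded.
    static String requiredKeyAlg(String suite) {
        int i = suite.indexOf("_WITH_");
        if (i < 0) return null;                    // TLS 1.3 names, SCSV marker
        String head = suite.substring(0, i);
        if (head.endsWith("_anon")) return null;   // no server certificate at all
        // Static ECDH needs an EC key even when the name ends in _RSA.
        if (head.contains("_ECDH_") || head.endsWith("_ECDSA")) return "EC";
        if (head.endsWith("_RSA")) return "RSA";
        if (head.endsWith("_DSS")) return "DSA";
        return null;                               // PSK, Kerberos, export suites
    }
    public static void main(String[] args) throws Exception {
        List<String> keyAlgs = new ArrayList<>();
        if (args.length == 2) {                    // <keystore file> <store password>
            KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
            try (FileInputStream in = new FileInputStream(args[0])) {
                ks.load(in, args[1].toCharArray());
            }
            for (String alias : Collections.list(ks.aliases()))
                if (ks.entryInstanceOf(alias, KeyStore.PrivateKeyEntry.class))
                    keyAlgs.add(ks.getCertificate(alias).getPublicKey().getAlgorithm());
        } else {                                   // constructed stand-in: an RSA key
            keyAlgs.add(KeyPairGenerator.getInstance("RSA").generateKeyPair()
                    .getPublic().getAlgorithm());
        }
        // Suites implemented by the JSSE provider; Jetty only filters this list.
        List<String> jsse = Arrays.asList(
                SSLContext.getDefault().getSupportedSSLParameters().getCipherSuites());
        String[] wanted = { "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
                            "TLS_RSA_WITH_AES_128_CBC_SHA256" };
        for (String suite : wanted) {
            String need = requiredKeyAlg(suite);
            System.out.printf("%s: in JSSE=%b, needs %s key, keystore has %s -> %s%n",
                    suite, jsse.contains(suite), need, keyAlgs,
                    keyAlgs.contains(need) ? "key type matches" : "no matching key");
        }
    }
}
```

A matching key type is necessary but not sufficient: the suite must also be enabled on both peers and the protocol version must allow it.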