Tomcat fails to start with 11.0.11 (and a downgrade to11.0.9 fixes it), there are various SSL errors apparenty all related to "Cannot decode named group: x25519"
It seems support this it was in fact backported to 11.0.11: https://bugs.openjdk.java.net/browse/JDK-8171279