tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim O'Neil <>
Subject RE: Tomcat + SSL Certificates
Date Thu, 10 May 2001 17:03:46 GMT
I am doing exactly the same thing, using Thawte as
well. Tomcat seems to be dealing with 128 bit
security for me just fine. I think your supposition
that Alan is using the 40-bit JSEE jars is correct.
Alan; BTW: Thawte also has a 128 bit "standard"
cert, the "SuperCert" isn't nessessary for 128
bits. I didn't really read the propaganda on Thawte's
site about the super cert but the main thing I got out
of it was that it makes renewing itself a real snap.
Great for Thawte...

At 10:45 AM 5/10/2001 -0400, you wrote:
>I generated a self-signed certificate using the keytool as discussed in the
>tomcat doc.  It seems to be encrypting at 128-bit (according to my browser).
>You will need a version of the security extensions (JSSE I think) that
>supports 128 bit encryption.  I don't know whether the international version
>supports that.  I have not tried to import a third party certificate yet.
>-----Original Message-----
>From: Alan Williamson []
>Sent: Thursday, May 10, 2001 4:58 AM
>To: ''
>Subject: RE: Tomcat + SSL Certificates
>Ylan, Sean,
>Thank you for your replies.
>I do have SSL working through Tomcat directly using a test certificate that
>I got from the CA Thawte,  however it only seems to work with a standard
>x509 certificate (40-bit)!
>I'd really like to be able to make use of the latest SGC SuperCerts (as
>Thawte badge them) which are 128-bit.  But I'm unsure of what Tomcat version
>supports them, if it actually does and this is what I'm really trying to
>find out.

View raw message