tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From reyus1 <>
Subject Disable Low stregth encryption in Tomcat 4.1.30
Date Wed, 08 Feb 2006 05:35:08 GMT
Hi All,

I am using Tomcat 4.1.30 stand-alone with j2re1.4.2_04 to serve HTTPS
connections. I would like to disable the support for low encryption ciphers
like SSL_RSA_EXPORT_WITH_RC4_40_MD5. I have seen from the following page
that these are the supported ciphers:

I would only like to maintain support for Medium and High encryption ciphers
which range with a strength of => 128.

I looked at the attributes that Tomcat 4.1 uses and it doesn't have the
"cipher" attribute which I could use to force the encryption suite to use.
I am not looking to upgrade my Tomcat anytime soon.

Any ideas would be greatly appreciated. Feel free to correct me if I am also
taking the wrong way of solving this problem. Main goal here is to disable
the support for any Low Encryption on the Tomcat server. This is for added



  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message