tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Max Sevenfold <>
Subject Disable low grade encryption
Date Tue, 05 Feb 2008 14:46:22 GMT

I would like to disable low grade encryption in Tomcat.

I have cert that uses 256/1024bit encryption with Apache but same cert 
with tomcat uses
128/768bit encryption.

The problem is public key size 768 bit that is no more considered secure 
by Opera.

The problem was discussed here.

It happens due to Diffie-Hellman algorythm that is advised to be 
disabled to avoid the problem.

I did as advised. I added TLS_RSA_WITH_AES_256_CBC_SHA to JAVA_OPTS 
and ciphers attribute in <Connector> in server.xml

Nothing changed after tomcat restart.
I also checked catalina.out and there is no errors or other information 
about encryption.

It seems Tomcat ignores these settings.

Please, help.

Thank You,

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message