tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Max Sevenfold <max.seven....@gmail.com>
Subject Disable low grade encryption
Date Tue, 05 Feb 2008 14:46:22 GMT
Hello,

I would like to disable low grade encryption in Tomcat.

I have cert that uses 256/1024bit encryption with Apache but same cert 
with tomcat uses
128/768bit encryption.

The problem is public key size 768 bit that is no more considered secure 
by Opera.

The problem was discussed here.

http://forum.java.sun.com/thread.jspa?threadID=5247000&messageID=10019756

It happens due to Diffie-Hellman algorythm that is advised to be 
disabled to avoid the problem.

I did as advised. I added TLS_RSA_WITH_AES_256_CBC_SHA to JAVA_OPTS 
-Dhttps.cipherSuite
and ciphers attribute in <Connector> in server.xml

Nothing changed after tomcat restart.
I also checked catalina.out and there is no errors or other information 
about encryption.

It seems Tomcat ignores these settings.

Please, help.

Thank You,
Max

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message