tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Max Sevenfold <max.seven....@gmail.com>
Subject Re: Disable low grade encryption
Date Tue, 05 Feb 2008 20:04:30 GMT
Chris,

tomcat 6.0.14
java 6

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS"
               compression="on"
               compressionMinSize="2048"
               noCompressionUserAgents="gozilla, traviata"
               
compressableMimeType="text/html,text/xml,text/javascript,text/css,text/javascript,text/plain"

               ciphers="TLS_RSA_WITH_AES_256_CBC_SHA"
              
               keystoreFile="conf/keystore"
               keystorePass="changeit"
               keystoreType="PKCS12"
/>

I added
JAVA_OPTS="$JAVA_OPTS "-Dhttps.cipherSuites=TLS_RSA_WITH_AES_256_CBC_SHA
to catalina.sh also

Thanks,
Max

Christopher Schultz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Max,
>
> Max Sevenfold wrote:
> | Right now I am using pure Java solution with keystore.
> | I am debating to move to APR.
>
> What version of Tomcat are you using? Can you post your <Connector>
> configuration from server.xml? That would be very helpful in diagnosing
> your problem.
>
> - -chris
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkeoqAgACgkQ9CaO5/Lv0PB6oACglaD/n5x/uZP1BJ7i50tFtOV6
> EekAn2lJ0kh+oEg4h9A5YSGax25QDUZg
> =O0wC
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message