tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Failing to using OpenSSL v0.9.8g with tomcat 5.5.9 over TLS
Date Mon, 26 May 2008 08:52:46 GMT
Wahaj Khan wrote:
> I have this issue fixed now. I set the ciphers in tomcat connector area and
> OpenSSL started working i.e. added the line
> ciphers="SSL_RSA_WITH_RC4_128_SHA". 
> 
> This means that by default tomcat don't set up such ciphers which are common
> to OpenSSL and tomcat. I wonder what that list contains. Can any one guide
> me on this.

Note this is for the latest 5.5.x source, I haven't checked 5.5.9...

If you take a look at line 192 of
http://svn.apache.org/viewvc/tomcat/connectors/trunk/util/java/org/apache/tomcat/util/net/jsse/JSSESocketFactory.java?annotate=490099

you'll see that the default set of ciphers is whatever is returned by 
SSLServerSocketFactory.getDefaultCipherSuites()

Mark

PS 5.5.9 is quote old and there have been quite a few security fixes since 
then including some important ones.



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message