tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gregor Schneider" <rc4...@googlemail.com>
Subject Re: How to make to Apache-Tomcat 6.0.13 to support all of SSLv2/SSLv3 and TLS protocols
Date Tue, 02 Sep 2008 20:18:41 GMT
Suresh,

I guess no one is having the same problem like what you're having.

As a first guess, within your connector I'd change

         clientAuth="false" sslProtocol="TLS" keystoreType="PKCS12"

to

         clientAuth="false" sslProtocol="ALL" keystoreType="PKCS12"

2nd, I'd have a look how it behaves with Sun's original JDK

If all that failes (what would puzzle me since you're the first to
have this problem), I'd give OpenSSL a try:

I'm running Tomcat 5.5 on Debian using APR with OpenSSL, and this is
my Connector working like charm, even with the latest version of
Firefox:

    <Connector  port="443"
                address="xx.xxx.xxx.xx"
                maxHttpHeaderSize="8192"
                maxThreads="150"
                minSpareThreads="25"
                maxSpareThreads="75"
                enableLookups="false"
                disableUploadTimeout="true"
                acceptCount="100"
                scheme="https"
                secure="true"
                SSLEngine="on"
                SSLCertificateFile="/home/tomcat/www/certs/some.crt"
                SSLCertificateKeyFile="/home/tomcat/www/certs/some.key" />

HTH

Gregor
-- 
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message