tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: How to limit the number of renegotiations for a single TLS / SSL connection
Date Fri, 08 Feb 2013 14:34:17 GMT
> From: dkumar@ccilindia.co.in [mailto:dkumar@ccilindia.co.in] 
> Subject: How to limit the number of renegotiations for a single TLS / SSL connection

> We are using -
> Tomcat Version - 6.0.18

> Please suggest the recommended solution for tomcat

Try using a version of Tomcat that's newer than 4.5 years old.  Many security-related fixes
have gone in since then, and it's irresponsible to expose your site to situations that have
been addressed years previously.  If you check the changelog, I think you'll find this TLS
issue was addressed quite some time ago; it may require a JVM upgrade as well.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message