tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brijesh Deo <b...@SonicWALL.com>
Subject RE: How to allow only TLS 1.1 connections to Tomcat (6.0) server with https ?
Date Tue, 05 Mar 2013 07:55:58 GMT

-----Original Message-----
From: Igor Cicimov [mailto:icicimov@gmail.com] 
Sent: 05 March 2013 13:22
To: Tomcat Users List
Subject: Re: How to allow only TLS 1.1 connections to Tomcat (6.0) server with https ?

On 05/03/2013 5:10 PM, "Brijesh Deo" <bdeo@sonicwall.com> wrote:
>
> Hi,
> Is there a way to make TLS 1.1 required for https connection with Tomcat
server. I am currently on Tomcat 6.0.32 with JRE 1.7 on Windows 7. I tried
setting [sslProtocol="TLSv1.1"] in the Connector definition in server.xml
but that did not stop TLS 1.0 connections from being accepted. I am not
using OpenSSL and instead using JSSE as the TLS provider.
> Is it possible to do it this way? Or do I need to upgrade to Tomcat 7.0
to be able to allow only TLS 1.1 connections with https? Please let me know
how to do this.

You need java7 for tls1.1 and 1.2 as far as i know.

Thanks for the reply Igor. I already have Java 7.

-Brijesh

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message