tomcat-users mailing list archives

From Brijesh Deo <b...@SonicWALL.com>
Subject RE: How to allow only TLS 1.1 connections to Tomcat (6.0) server with https ?
Date Tue, 05 Mar 2013 10:47:46 GMT
-----Original Message-----
From: Ognjen Blagojevic [mailto:ognjen.d.blagojevic@gmail.com] 
Sent: 05 March 2013 16:01
To: users@tomcat.apache.org
Subject: Re: How to allow only TLS 1.1 connections to Tomcat (6.0) server with https ?

Brijesh,

On 5.3.2013 10:11, Brijesh Deo wrote:
> Thanks for your detailed reply and the explanation. I gave it a quick try but it doesn’t
> quite work with Tomcat 6.0.32, the version that I am currently using. I checked the Http Connector
> documentation for Tomcat 6.0 and Tomcat 7.0 and the attribute "sslEnabledProtocols" is supported
> in Tomcat 7.0 but not in Tomcat 6.0. Is there a way I could achieve this with Tomcat 6.0.32?
> Please let me know.

Indeed, Tomcat 6 doesn't support HTTPS connector parameter 
sslEnabledProtocols.

You could try to limit enabled protocols by adding system property 
-Dhttps.protocols="TLSv1.1" in Tomcat startup. That might work for you, 
but I didn't test it.

-Ognjen


Thanks Ognjen. I tried with -Dhttps.protocols="TLSv1.1" in Tomcat startup but even this doesn’t
work with Tomcat 6.0. Looks like upgrading to Tomcat 7.0 seems to be the only way to achieve
this easily through configuration in server.xml. 

Thanks again.
-Brijesh
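
The Tomcat 7.0 `server.xml` setting this thread ends on, shown as an added example that is not part of either message: a JSSE HTTPS connector without and with `sslEnabledProtocols`. The port, keystore path and keystore password are placeholders chosen for illustration.

```xml
<!-- Added example for a Tomcat 7.0 JSSE (BIO/NIO) connector; not from the thread.
     Port 8443, keystoreFile and keystorePass are placeholders.
     The two elements are alternatives: keep one, not both. -->

<!-- Before: no sslEnabledProtocols, so the connector accepts every protocol
     version the JVM's JSSE provider enables by default. -->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           scheme="https" secure="true" clientAuth="false"
           sslProtocol="TLS"
           keystoreFile="conf/keystore.jks" keystorePass="CHANGE_ME" />

<!-- After: sslEnabledProtocols takes a comma-separated list of protocol names.
     Listing only TLSv1.1 means handshakes for any other version are refused.
     The JVM running Tomcat must itself support each protocol named here. -->
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
           scheme="https" secure="true" clientAuth="false"
           sslProtocol="TLS"
           sslEnabledProtocols="TLSv1.1"
           keystoreFile="conf/keystore.jks" keystorePass="CHANGE_ME" />
```

The `https.protocols` system property tried in the thread is read by the JDK's outbound `HttpsURLConnection` client, not by server connectors. After restarting, confirm the result by attempting a handshake at each protocol version against the connector and checking that only the listed one completes.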