Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0AD02109B4 for ; Thu, 22 Aug 2013 12:24:46 +0000 (UTC) Received: (qmail 18183 invoked by uid 500); 22 Aug 2013 12:24:42 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 17867 invoked by uid 500); 22 Aug 2013 12:24:41 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 17858 invoked by uid 99); 22 Aug 2013 12:24:41 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Aug 2013 12:24:41 +0000 X-ASF-Spam-Status: No, hits=-0.7 required=5.0 tests=RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of aterrestris@gmail.com designates 74.125.82.51 as permitted sender) Received: from [74.125.82.51] (HELO mail-wg0-f51.google.com) (74.125.82.51) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 22 Aug 2013 12:24:35 +0000 Received: by mail-wg0-f51.google.com with SMTP id a12so1509904wgh.18 for ; Thu, 22 Aug 2013 05:24:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=vPwiy3+TCiO7BMLGM6vgrru8wwTHRDCryDZLRV4F/uw=; b=DtyySrZxJM2va5mg2oOHRUB5mpoQ72j/dimsvKvIGJ2qzJlh0mQS/kBhk2q5RUGUME h9ZODiQ279KJ8ogsuf79qKhn0+ycrZbPODlXd0zSOsnzQ2zWrsBwEEakutbqGlMHQmBX wP8km9J5+fQYwLKwV4Gpok10Wcb6waLll4m2g7f2HzB1rL8h6GZdbd0amV2yqyOvJB8u KYO7nFJEO+AJb1dNxu5j7E1ItX1Hpa1OvZyN1xyGypra1suA2MpS46qNkGpPogb97QLI FfpENS/sfPtH8kfJhQnFxaooiyE/AnSgjtKx73HhG2GlR+ieouT6zF/LylpW2V04XuDG bBhg== MIME-Version: 1.0 X-Received: by 10.194.93.3 with SMTP id cq3mr10265014wjb.26.1377174255293; Thu, 22 Aug 2013 05:24:15 -0700 (PDT) Received: by 10.194.33.169 with HTTP; Thu, 22 Aug 2013 05:24:15 -0700 (PDT) In-Reply-To: <1377160914.8723@sosnoski.com> References: <1377160914.8723@sosnoski.com> Date: Thu, 22 Aug 2013 13:24:15 +0100 Message-ID: Subject: Re: Tomcat 7 / Java 7 with TLS 1.2 algorithms From: =?ISO-8859-1?Q?Aur=E9lien_Terrestris?= To: Tomcat Users List Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Virus-Checked: Checked by ClamAV on apache.org Hello I suppose you need to run your JVM with the unrestricted policy files (on b= =3D oth client and server sides). You have to download them from Oracle website= =3D for your java version, and replace the old. These files are : local_policy.jar US_export_policy.jar Regards 2013/8/22 : > Tomcat 7.0.40 seems to work well with TLS 1.2, forced by using a sslEnabl= edProtocols=3D"TLSv1.2" attribute on the . But I haven't been ab= le to make it work with any of the SHA256/384 algorithms - they always show= up in the "Ignoring unsupported cipher suite" list. I get the same thing h= appening when I try to use them from client code, so I know it's not a Tomc= at issue, but I'm hoping someone knows a workaround. > > Any suggestions? > > Thanks, > > - Dennis > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org > For additional commands, e-mail: users-help@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org