Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5CA7F104DD for ; Wed, 9 Oct 2013 12:12:05 +0000 (UTC) Received: (qmail 76883 invoked by uid 500); 9 Oct 2013 12:12:01 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 76695 invoked by uid 500); 9 Oct 2013 12:12:00 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 76685 invoked by uid 99); 9 Oct 2013 12:12:00 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 Oct 2013 12:12:00 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy includes SPF record at spf.trusted-forwarder.org) Received: from [76.96.59.211] (HELO QMTA11.westchester.pa.mail.comcast.net) (76.96.59.211) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 09 Oct 2013 12:11:53 +0000 Received: from omta19.westchester.pa.mail.comcast.net ([76.96.62.98]) by QMTA11.westchester.pa.mail.comcast.net with comcast id azoX1m00327AodY5B0BYHH; Wed, 09 Oct 2013 12:11:32 +0000 Received: from Christophers-MacBook-Pro.local ([69.143.106.98]) by omta19.westchester.pa.mail.comcast.net with comcast id b0BX1m00y27QCxh3f0BXxJ; Wed, 09 Oct 2013 12:11:32 +0000 Message-ID: <525547F3.1020806@christopherschultz.net> Date: Wed, 09 Oct 2013 08:11:31 -0400 From: Christopher Schultz User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Thunderbird/24.0 MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Issue while using SSL with Embedded Tomcat 6.0.37 References: <1381283289.21168.YahooMailAndroidMobile@web190705.mail.sg3.yahoo.com> In-Reply-To: <1381283289.21168.YahooMailAndroidMobile@web190705.mail.sg3.yahoo.com> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20121106; t=1381320692; bh=c74G+Y4V3I1OersDd0r4D76nTJCidUF1kczG86+f/LQ=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=JrVH1rFL8jxglrpE86PAjrpsG5bgw7gmRPHGogA/a2tS7mr6sQWwAH5f/kuQfgvcd gAy+ryRuwFG7fhgBHpJWDwntYdKxIwFUwFMjpplWifTmgkngGX/QWwEem7bpA4lJwo zP6yluxhAz/mqwbbjlOqt1YNraxCSfnjsGVY8Zm79/fEM4xLzdvhbAXqiu0VplZMk7 hk209OjxEBRBjdwfZg7SUAgHhplIB/oCmDhz3tdtmwqPO061lbiTboBEqZUkqNquIw 8aES/vDQm33NA6jqLqCvT4sIneF8qfIqtVhuzkC+z2bwD29Xy4wpxqJc2zt/u/zLd9 KxOvqnb5yygUQ== X-Virus-Checked: Checked by ClamAV on apache.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Chirag, On 10/8/13 9:48 PM, Chirag Dewan wrote: > For this particular cipher, the server sends a RST to the client > after the certificate exchange is done. And the handshaking > fails,for the first time only. Second request onwards handshaking > happens and the traffic flows as usual. When you say "first" and "second" request... are you talking about the first and second request that the server receives since it's been started, or are you talking about the first and second requests that the client makes without restarting? What action resets the experiment? I'm wondering if the server "gets fixed" or the client. > What I understand is,I can provide a set of ciphers to the > connector and the client will select from that particular set and > can thus avoid the particular cipher. Can I do this in embedded > tomcat? And what set of ciphers should I allow with that > connector? I'm not sure why the embedded case would be any different from the non-embedded case... you are setting-up your connectors in a standard way, right? Maybe if you posted some code... - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJSVUfzAAoJEBzwKT+lPKRY/isP/RCAEn9zkHU2pl2zowwP5s0R lqsa3QcXuOWpBN3UUa/+HYCJ2CorldBplISSd2lSeReAAJu0XdvnKW8ObizmXFyD +Rx8PjgJlLjImJZGmTObJGSBbuk9NqnsG0AkoZ3/ERTE8mLJtsS3cxMMWCMCKtL1 VIhgQDfDy2e2NSBKQHtTGPUaqvpV5MVeeox6/M73n+t2ZoD8rtpi8OQPJjGkmtmE oGqnLM5KSuWso7ajhHlWoR5zQmVMqcWtig1iGa4OBXXKhvcu/+XCuv+KZSnSVBui TTiBemIz4/pzWaABQElyvb807g6WZstPvpkRzORWRai+Mzc/oGtP2Wcu1LLyRikb Jctt0W5xpjEKYKlQCYWUZK6NOvBjS9kxiCaBJO8R+B3OT9/zL/eXdWZ9m6gZrXT2 FPMv2nxUcOnKZw+NZu7htn5Reabd5rn5tCFdjYFsosPJIJWRKpLldRmftA9CosQd FYS7BTq5Yfrhx4SQbvaH5avcJc8QRtRJ8//CBMTyDl2Aj5JYyBkPMINOWgCDEUxN D3dKk/FPi1sRiVtokXzvOKItYR0FjVF8vmsjH1hDECRqynTr9JzDjpwA4qDvPI/G DPB0UMAyWglihOB+LdIAf96iSbW4Jbi1ltroWtm3FgGQRGgl4nmf2e4sruGXVwky 06oIRLcYemFogN3Pqnl7 =JXdI -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org