tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: FIPS compliancy on Tomcat 7.00.062
Date Sat, 08 Aug 2015 12:22:43 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Sanaullah,

On 8/5/15 5:54 AM, Sanaullah wrote:
> run the sslscan tool from the command line 
> https://github.com/rbsec/sslscan

I haven't used that tool in a very long time, because it never updated
to support newer protocols (like TLS, I think). Instead, I ended up
writing my own:

http://tomcat.markmail.org/thread/tz4z44nfjl7sy2lj

I've updated that tool a few times in the past few months... I should
post an update.

> or openssl s_client in debug mode

This doesn't help because it only tells you that a single connection
type will work. You have to invoke that command many many times to
test your server.

- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJVxfSSAAoJEBzwKT+lPKRYv1AP/A4t2nyDlu00ZHmprxbHXoL/
XD1V08nG2+X1S4nR5uM58VeWxbILsJD0s1YRHk4pybnj8c40xGWQNyw4QY/n2FAj
uKum5mtEHUI2mXnN+tni7nAb0zJeGmh4YaL/GqhYuDxRWqEHWA6y1rzCTF5smmOl
gKSjstMOJWDEyKAhuIlfnpiF8hBMlnNBbzcqUHkv/2P3Fv2TQPKg7+9hsbfZUMTF
d3h2s/c3wk4IPDI9yPC8xhnMmw06y6FuTggvVOftLQgWn3Du4aY6RBbbJhJxCEcL
0UyTHp3uT3u5RxC4b0beEQTHxUzTRtWHN/VVXuuWObt/mNF1p5OpyyufC31K6yoe
LLBqGiMmiI0ViJWN8ENQTZYHRaVElJnqll20yrl4pEWDLREOrUHMkOa6oUErVpZG
n0wqBBYtPUn/wXfArfN4N4O5rHlrPXhxL8akQxx8kPXC0jn93GSEFMyheoiirauV
flBnlQ/zUsrXCB7Zy8giP2ikbtJr5GEjS/Uh4jOSZlgNbACLSnugJozW9z19ut27
0Hut6x0UQBPfG0s+2rJNuUAK7Por3uUmtFDB5Y9QwC4htY4DsrOOoywG+qGfU/q0
mJCUNmgILRrbq0VL1KadTuiZOur+2X97HLzjKiLLyPBG3GXSBMP9tOHxF/5wimN4
QSO0xiFLL/SRU9dEVbll
=eiqQ
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message