tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rahul Singh <rksing...@hotmail.com>
Subject logjam attacks in tomcat 7
Date Thu, 01 Oct 2015 04:52:43 GMT
Dear Tomcat Support Team,Thanks for your continuous support.
In our Application Tomcat V 7.0.54 is used. We are facing the problem of 
"Server has a weak, ephemeral Diffie-Hellman public key ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY"
In chrome browser.
Tomcat server .xml have following configuration, which does not contain chipher, it means
it used default cipher.
================================================================<Connector port="8585"
minSpareThreads="5"                    enableLookups="true" redirectPort="8282"          
         acceptCount="32"  connectionTimeout="60000"/> <Connector port="8282" minSpareThreads="5"
 SSLEnabled="true"                    enableLookups="true"                    acceptCount="32"
 scheme="https" secure="true"                    clientAuth="false" sslEnabledProtocols="TLSv1.2"
                  algorithm="SunX509"/>================================================================
Underline JAVA is : OpenJDK Runtime Environment (rhel-2.5.5.3.el6-x86_64 u79-b14)
So could ypu please assist me to understand the following things.
1- What value of default cipher is using in My application.2- Does it require to update for
working with lates Browser chrome and fixing the "Diffie-Hellman" security issue.
Regards,Rahul kumar Singh 		 	   		  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message