tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: Default SSL ciphers supported by Tomcat 6
Date Fri, 23 Oct 2009 11:53:09 GMT
uma_rk@comcast.net wrote:
> Yes I saw that statement in the document. I was hoping
> someone here could tell me identify the default ciphers used
> by JDK6 (which is what I use under Tomcat6).
> 
> This info seems basic enough; but I am unable to find it.

Hmm. It doesn't seem that you looked that hard.

> I understand this is Tomcat list - I hope I do not get flamed for
> asking a JDK question.

http://java.sun.com/javase/6/docs/
"Security" leads to
http://java.sun.com/javase/6/docs/technotes/guides/security/index.html
"Standard Algorithm Names" leads to
http://java.sun.com/javase/6/docs/technotes/guides/security/StandardNames.html
and finally "Additional JSSE Standard Names" leads to
http://java.sun.com/javase/6/docs/technotes/guides/security/StandardNames.html#jssenames#

You could also have just searched the archives for the users list.
Searching for "default ciphers" would have found this:
http://tomcat.markmail.org/search/default+ciphers+list:org%2Eapache%2Etomcat%2Eusers

Ignoring your thread, the answer you want is the first one in the list.

Mark

> 
> Regards,
> 
> /U
> ----- Original Message -----
> From: Charles R Caldarale 
> To: Tomcat Users List 
> Sent: Fri, 23 Oct 2009 03:09:34 +0000 (UTC)
> Subject: RE: Default SSL ciphers supported by Tomcat 6
> 
>> From: uma_rk@comcast.net [mailto:uma_rk@comcast.net]
>> Subject: Default SSL ciphers supported by Tomcat 6
>>
>> I am looking for the default set of SSL(v3) ciphers supported by 
>> Tomcat 6.0.x.
> 
> It's in the doc:
> 
> "ciphers
> 
> "The comma separated list of encryption ciphers that this socket is allowed to use. By
default, the default ciphers for the JVM will be used. Note that this usually means that the
weak export grade ciphers will be included in the list of available ciphers. The ciphers are
specified using the JSSE cipher naming convention."
> 
> http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html
> 
> Tomcat does not include any encryption capability of its own, unless you're using APR.
 For that, you'll need to look at the OpenSSL doc.
> 
>  - Chuck
> 
> 
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and
is thus for use only by the intended recipient. If you received this in error, please contact
the sender and delete the e-mail and its attachments from all computers.
> 
> 
> 




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message