I wrote:
>> I mean, I know that I need to get HTTPAPI and Tomcat speaking the
>> same language, but where do I begin?
Christopher Schultz (Tomcat List) wrote:
> First, I would check to see what Tomcat is actually advertising.
> There are several ways to do that. One of them is to use Qualys's
> SSLLabs server test:
>
> https://www.ssllabs.com/ssltest/
Thanks, Mr. Schultz. That gives me a start.
Ok, here's what I got back.
> Protocols
> TLS 1.3 No
> TLS 1.2 Yes
> TLS 1.1 Yes
> TLS 1.0 Yes
> SSL 3 No
> SSL 2 No
> Cipher Suites
> # TLS 1.2 (server has no preference)
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp521r1 (eq. 15360 bits RSA) FS
128
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH secp521r1 (eq. 15360 bits RSA)
FS 128
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp521r1 (eq. 15360 bits RSA) FS
256
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp521r1 (eq. 15360 bits RSA)
FS 256
> # TLS 1.1 (server has no preference)
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp521r1 (eq. 15360 bits RSA) FS
128
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp521r1 (eq. 15360 bits RSA) FS
256
> # TLS 1.0 (server has no preference)
> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp521r1 (eq. 15360 bits RSA) FS
128
> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp521r1 (eq. 15360 bits RSA) FS
256
I may have known how to determine what HTTPAPI supports, but if so, I've
forgotten. Ditto for adding protocols to Tomcat.
As to the client end, it's using HTTPAPI 1.24, running on an AS/400
that's at V6R1.

JHHL

To unsubscribe, email: usersunsubscribe@tomcat.apache.org
For additional commands, email: usershelp@tomcat.apache.org
