Hi All, I am Amlan working as Apache Geronimo Administrator.
Could you please help me that How could I do following two things at Apache Geronimo Application servers 2.1.4 & 2.1.8 1. How disable support for export cipher suites at Apache Geronimo 2.1.4/2.1.8 application server? 2. How to generate a unique 2048-bit Diffie-Hellman group and use it at Apache Geronimo 2.1.4/2.1.8 within config.xml At my config.xml file I see TLS defined in two location: 1... <gbean name="TomcatWebSSLConnector"> <attribute name="host">${ServerHostname}</attribute> <attribute name="port">${HTTPSPort + PortOffset}</attribute> <attribute name="maxHttpHeaderSize">8192</attribute> <attribute name="maxThreads">150</attribute> <attribute name="minSpareThreads">25</attribute> <attribute name="maxSpareThreads">75</attribute> <attribute name="enableLookups">false</attribute> <attribute name="acceptCount">100</attribute> <attribute name="disableUploadTimeout">false</attribute> <attribute name="clientAuth">false</attribute> <attribute name="algorithm">Default</attribute> <attribute name="sslProtocol">TLS</attribute> <attribute name="keystoreFile">var/security/keystores/geronimo-default</attribute> <attribute name="keystorePass">{Simple}djgsfcjefdkcgh</attribute> <attribute name="keystoreType">JKS</attribute> </gbean> 2... <gbean name="JMXSecureConnector"> <attribute name="protocol">rmi</attribute> <attribute name="host">${ServerHostname}</attribute> <attribute name="port">${JMXSecurePort + PortOffset}</attribute> <attribute name="urlPath">/jndi/rmi://${ServerHostname}:${NamingPort + PortOffset}/JMXSecureConnector</attribute> <attribute name="algorithm">Default</attribute> <attribute name="secureProtocol">TLS</attribute> <attribute name="keyStore">geronimo-default</attribute> <attribute name="keyAlias">geronimo</attribute> <attribute name="trustStore">geronimo-default</attribute> <attribute name="clientAuth">false</attribute> </gbean> Regards, Amlan -- View this message in context: http://apache-geronimo.328035.n3.nabble.com/How-to-use-2048-bit-Diffie-Hellman-group-at-geronimo-configuration-tp3990050.html Sent from the Users mailing list archive at Nabble.com.