On 7.4.2015 15:23, Christopher Schultz wrote:
After a weekend of ripping out clumps of my hair and swearing at my
computer, nothing had worked. In desperation, before upgrading
Java and Tomcat, I tried regenerating my self-signed certificate
with new settings (SHA256 instead of SHA1) and that seems to have
solved the problem. Moral of the story: Take browser error
messages with a large grain of salt.
The cipher-mismatch was probably solved by something you changed in
your configuration. Re-generating the TLS certificate might have ended
some of the warnings about certs with a SHA-1 signature, but the
cipher-mismatch is a different beast and probably more important.
+1
I just tested Firefox connecting to server that serves SHA-1
certificates, and Firefox issues no warning (except in a web console),
let alone to refuse the connection.
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org