Thanks. I do have some follow up questions
On 2/6/19, 1:04 AM, Mark Thomas wrote:
On the TLS Connector:
sslEnabledProtocols="TLSv1.1,TLSv1.2"
Ok. So the active connector we currently have for this particular
installation (which has multiple IP addresses, hence the "address"
clause) is:
<Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol"
address="REDACTED"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
keystoreFile="REDACTED" keyAlias="REDACTED"
ciphers="SSL_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_AES_128_CBC_SHA"
clientAuth="false" sslProtocol="TLS" />
So I can just add the sslEnabledProtcols clause to the end of this?
17369 - HTTP Security Header Not Detected.
It looks like this one:
https://community.qualys.com/thread/17369-http-security-header-not-detected
I concur on that, but how do I add the headers it's looking for?
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
