Try SSLProtocol="TLSv1.2" (mind the case) instead of sslProtocol="-all +TLSv1.2".
Had this issue too. The connector parameters for SSL are a huge mess and have been changed constantly. Best Markus Am 05.03.20 um 19:30 schrieb rugman66 .: > Hello, > > > > I have both Apache and Tomcat running on the same RHEL. I have successfully > configured Apache to use OpenSSL TLSv1.2, but I cannot get Tomcat to use > TLSv1.2. Tomcat for some reason > > will only use TLV 1.0, and that is no good. No matter what parameter I set > in the server.xml sslProtocol directive it won’t change. Seems like it’s > getting that directive somewhere else but I can't locate. > > > > <Connector > > port="8443" > > scheme="https" > > secure="true" > > protocol="org.apache.coyote.http11.Http11AprProtocol" > > SSLEnabled="true" > > SSLCertificateFile="/auto/englearn-web/ssl_certificate/server.cer" > > > SSLCertificateChainFile="/auto/englearn-web/ssl_certificate/chain.cer" > > > SSLCertificateKeyFile="/auto/englearn-web/ssl_certificate/server.key" > > SSLCipherSuite="RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW" > > SSLHonorCipherOrder="true" > > maxThreads="150" > > clientAuth="false" > > sslProtocol="-all +TLSv1.2" > > /> > > > > OpenSSL 1.0.2d > > Tomcat 7.0.39 (I know it’s old, but it's what I have to work with at this > time) > > > Thank you for any insight. > > -John > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org