Dear Wiki user, You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.
The "Security/Ciphers" page has been changed by markt: https://wiki.apache.org/tomcat/Security/Ciphers?action=diff&rev1=14&rev2=15 Comment: Update the Tomcat 8.5 results. Split out JSSE, JSSE+OpenSSL and OpenSSL into separate tables There is no right choice since there are always trade-offs to make between better security better interoperability, better performance etc.. Where you choose to draw that line is a choice you need to make. The following information is provided to help you make that choice. The ratings provided are those calculated by the excellent [[https://www.ssllabs.com/ssltest|SSL Labs Test]]. Keep in mind that, as more vulnerabilities are discovered, these ratings are only ever going to get worse over time. The results shown on this page were correct at the time they were generated. - As of May 2015, 1024-bit DHE is [[https://www.schneier.com/blog/archives/2015/05/the_logjam_and_.html|considered]] [[https://weakdh.org/imperfect-forward-secrecy.pdf|breakable]] by nation-state adversaries. 2048-bit DHE is recommended. 2048-bit DHE may be configured with JSSE connectors (BIO, NIO, NIO2) using JVM parameter, and for APR connector Apache Tomcat Native Library 1.2.2 (or later) should be used. + == BIO/NIO/NIO2 with JSSE Results (Default) == - - == JSSE (BIO/NIO/NIO2) Results (Default) == - - || || Java 5 || Java 6 || Java 7 || Java 8 || + || || Java 5 || Java 6 || Java 7 || Java 8 || - || Tomcat 6 (JSSE) || C || C || C || B || + || Tomcat 6 || C || C || C || B || - || Tomcat 7 (JSSE) || N/A || C || C || B || + || Tomcat 7 || N/A || C || C || B || - || Tomcat 8 (JSSE) || N/A || N/A || A || A || + || Tomcat 8 || N/A || N/A || A || A || - || Tomcat 8 (APR/OpenSSL) || N/A || N/A || A || A || + || Tomcat 8.5 || N/A || N/A || A || A || - || Tomcat 8.5 (JSSE) || N/A || N/A || TBD || TBD || - || Tomcat 8.5 (JSSE/OpenSSL) || N/A || N/A || TBD || TBD || - || Tomcat 8.5 (APR/OpenSSL) || N/A || N/A || TBD || TBD || - || Tomcat 9 (JSSE) || N/A || N/A || N/A || A || + || Tomcat 9 || N/A || N/A || N/A || A || - || Tomcat 9 (JSSE/OpenSSL) || N/A || N/A || N/A || A || - || Tomcat 9 (APR/OpenSSL) || N/A || N/A || N/A || A || Note: These results were obtained using the JCE Unlimited Strength Jurisdiction Policy Files + == NIO/NIO2 with JSSE+OpenSSL Results (Default) == + + || || Java 5 || Java 6 || Java 7 || Java 8 || + || Tomcat 8.5 || N/A || N/A || A || A || + || Tomcat 9 || N/A || N/A || N/A || A || + + - Note: Tomcat 9 with JSSE/OpenSSL and JSSE config requires a 1.2.6 tc-native release to achieve an A since, without it, the full certificate chain is not presented to the client. + Note: JSSE+OpenSSL and JSSE config requires a 1.2.6 tc-native release to achieve an A since, without it, the full certificate chain is not presented to the client. + + The equivalent OpenSSL cipher configurations used to obtain the above results are: + + || Java 7 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!DHE || + || Java 8 || HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA || + + Note: Java 7 DHE ciphers sue a 768 bit DH key which is considered insecure which is why those ciphers are excluded only for Java 7. + + == APR with OpenSSL Results (Default) == + + || || Java 5 || Java 6 || Java 7 || Java 8 || + || Tomcat 6 || TBD || TBD || TBD || TBD || + || Tomcat 7 || N/A || TBD || TBD || TBD || + || Tomcat 8 || N/A || N/A || A || A || + || Tomcat 8.5 || N/A || N/A || A || A || + || Tomcat 9 || N/A || N/A || N/A || A || + + The OpenSSL cipher configuration used was '''HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA'''. Up-to-date selection of secure cipher suites in OpenSSL format is available at [[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]]. + == JSSE (BIO/NIO/NIO2) Results (Improved) == @@ -50, +68 @@ * Java 8 * TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - ''(It might be nice to provide the OpenSSL-style cipher suites arcana for the versions of Tomcat that support it)'' - == Environment == The results above were generated with: @@ -62, +78 @@ * Apache Tomcat 6.0.44-dev, r1664561. This is after the commit that disabled SSLv2 and SSLv3. * Apache Tomcat 7.0.60-dev, r1664373. * Apache Tomcat 8.0.34-dev, r1737224. - * Apache Tomcat 8.5.1-dev, r1737213. + * Apache Tomcat 8.5.1-dev, r1737241. * Apache Tomcat 9.0.0.M5-dev, r1737193. + * tc-native 1.2.5 - == APR/native == - - If APR/native connector is used (or if HTTPS connection is terminated at a load balancer or reverse proxy utilizing the OpenSSL library), cipher suites should be specified in [[https://www.openssl.org/docs/apps/ciphers.html|OpenSSL format]]. Up-to-date selection of secure cipher suites is available at [[https://wiki.mozilla.org/Security/Server_Side_TLS|Mozilla wiki]]. - --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org