-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Coty,
On 4/16/19 07:28, Coty Sutherland wrote: > Hi, > > It appears that the IBM JDK (version 8) has dropped support for > SSLv2Hello so when you startup tomcat with the IBM JDK you get a > warning saying that the protocol is being skipped. OpenJDK seems to > have dropped it in version 12 or 13 (I haven't tested, just noticed > a user list thread about it) so I guess we should look at dropping > support for SSLv2Hello whenever Tomcat's minimum JDK is one of > those versions? Is there a document somewhere I can add this too so > it doesn't get forgotten? How many / how often are these error messages generated? Just when the server starts? Or with every connection? If you get a warning on startup, I'd say that's not a big deal. It would be a much bigger deal to kill a user's server for clients who must use SSLv2Hello handshakes (which are hopefully dwindling to zero ... about 5 years ago). I think handling questions about how to get rid of a warning would be better than handling questions about how to get servers back up and running. - -chris -----BEGIN PGP SIGNATURE----- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAly3bgQACgkQHPApP6U8 pFhXMA/+IKU/gdhks6BJgGpM5CuPIqEFHOYqzomDnmGEcg9q51pLVGiy5Md58fLV 8vIyZpDftg04tt65S1DKWNY7mNg3LzegAEW0JyElXGSwMd9SQx38yFNlddqAlzCe Swjt1bFu7frCvaDE40BCsz7Enw0CdRTEm6daSyZI93CeLm0jKDn7cigGhPQr36jV 5oXmtvnC8hpes3ELsfh//WC4u2QCqZ76uCeVkbKXACDJI5nIjcoVofL/kotPWUcC /W2lNjxwJ5ACWM3yMUoAy12MpXv19nHZT5k+cbxgZJyKe47LBD2c6B5HbkYzHGac wNbuv/vjACDa48DhTSR6BtYlJexWooPmwvZoLJKilIx+UlQveg+cIg1LLkr/g1iZ 3ftBCxZK9g27s5CnD+VlB2CG4lZ+nSFFU3OUfOEVwgbkVhch6rJqWRTCgBpKC0jH LwB6bKz66vPe3uRqJ7JLBTYJn9UenvxUeASkRQmISa43jn/S60STTfDGeMTmopsU BsyLP3HZY3ktzdKOWhncMAzXq5vWVUMm6tw0/GAvOGhNTnGAcb7iwR8/RUfXTpLR D8yb01h4/bDgDLXdc0ZDV1uNJ6XKVoDdP52doHaiC/bEv9ElZkDiYB7MepiplVO0 Ti52xTsebV6MPPW8ZP2HBN6bBT3ndm8uXItTCuiGw72apmdQdPQ= =PtbL -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
