... </Connector> Enable TLS on port 8443 <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"> <SSLHostConfig <SSLHostConfig protocols="TLSv1.2" truststoreFile="conf/cacerts.jks"> <Certificate certificateKeystoreFile="conf/clientcert.jks" certificateKeystorePassword certificateKeystorePassword="changeit" type type="RSA" /> </SSLHostConfig> </Connector> Note: Set protocols="TLSv1.2" to disable TLSv1.3 since the TCK requires post-handshake authentication and the Java 11 client does not support that. tomcat-users.xml Make the following changes: ... A default 10.0.x build (as of 2020-06-1819) with the above configuration and the TCK built from source (as of 2020-06-1819) triggers 23 21 test failures 1 Expected failures ...
- PR 338
- Incorrect major version (1 failure),
- Using LF rather an CRLF (15 failures)
- Strange /j_security_check test (2 failures)Error page attributes assumed to be unset when spec requires them to be set (3 failures)
- Missing annotation marker in Java 8 signature tests (1 failure)
- Re-do Java 11 signature test based on Java 8
- Fix regression in error page tests (1 failure)
- Java 11 issues with HTTP/2 client
|