This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new 9090141 Additional configuration required for JSign + DigiCert ONE on
Java 7
9090141 is described below
commit 909014193061c119008bf17fb5150423dfb3fb62
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Aug 18 13:11:45 2021 +0100
Additional configuration required for JSign + DigiCert ONE on Java 7
---
BUILDING.txt | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/BUILDING.txt b/BUILDING.txt
index b267d6e..5fe85d4 100644
--- a/BUILDING.txt
+++ b/BUILDING.txt
@@ -295,12 +295,15 @@ You can build them by using the following commands:
codesigning.storepass=request-via-pmc
Release managers will be provided with the necessary credentials by the
PMC.
- It will also be necessary to enable TLS 1.1 and TLS 1.2 by default (they
are
- disabled by default on Java 7) for the build process to communicate with
the
- code signing service. The simplest way is by setting the ANT_OPTS
- environment variable. E.g. (for Windows):
+ It will also be necessary to enable TLS 1.2 and the correct cipher suite to
+ for the build process to communicate with the code signing service. The
+ simplest way is by setting the ANT_OPTS environment variable.
+ E.g. (for Windows):
- set ANT_OPTS=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
+ set ANT_OPTS=-Dhttps.protocols=TLSv1,TLSv1.1,TLSv1.2
-Dhttps.cipherSuites=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+
+ You will also need to download and install the Java 7 unlimited strength
+ jurisdiction policy files in order to use the above cipher suite.
4. Build the release:
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
