Re: Tomcat 6 SSL settings: "ciphers" parameter doesn't work?

2007-11-04 Thread Lilia 
Hello Mark,

Yes. My action was 
1) modify server.xml (ciphers="foo,bar"), then
2) restart tomcat server, then
3) test SSL setting with HTTPS, then
4) result: still work well!?

P.S. I also set protocol="org.apache.coyote.http11.Http11Protocol" and 
sslProtocol="TLS"


>Lilia wrote:
>> Does anyone have experience with "ciphers" parameter? Is it possible to 
>> limit ciphers allowed?
>Haven't checked for a while, but it worked the last time I looked. Are you
>restarting Tomcat after you change server.xml?
>
>Mark
>

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Tomcat 6 SSL settings: "ciphers" parameter doesn't work?

2007-11-04 Thread Lilia 
Hello all,

I use Tomcat 6.0.14, using SSL.
In http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html , it says "ciphers
The comma separated list of encryption ciphers that this socket is allowed to 
use. By default, any available cipher is allowed."
I try to limit my cipher to 
"TLS_RSA_WITH_DES_CBC_SHA,TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", but it seems 
fail... because when I set ciphers="foo,bar", SSL still work well. 

Does anyone have experience with "ciphers" parameter? Is it possible to limit 
ciphers allowed?

Lilia

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Tomcat 6.0 with SSL uploads file slowly with IE6 browser

2007-10-26 Thread Lilia 
I have a tomcat server on windows 2003 platform, using java servlet to upload 
file. 
It has been working well until one or two months ago. 
Now this Tomcat 6.0 + HTTPS + Oreilly MultiPartRequest uploads file slowly with 
IE6 browser.

For testing, I create a 10M zip file and try to upload it on different browsers.

Tomcat 6.0.14 + HTTP:
IE6: ~5sec
IE7: ~3sec
FireFox: ~3sec

Tomcat 6.0.14 + HTTPS:
IE6: ~230ec
IE7: ~4sec
FireFox: ~4sec

Obviously, there is something wrong with Tomcat 6.0 + HTTPS + OReilly 
MultiPartRequest servlet.
After some analysis, we find the server delays when responding to client. 
The data snapshot pictures are put on 
http://picasaweb.google.com/bearcatlilia/ServerProblem now.
Please take a look. 

In IE6, the normal response (from server to client) only takes less than 
0.01 second, but the problem response takes 0.21875 second (and it happens 
every four responses).
But in IE7 or firefox, maximum response time is about 0.01 second, and it 
happens rarely (maybe because of network loading, I think it can be ignored).
All the problem responses have a win=64622, but the normal responses all have 
win=65535.

My Tomcat SSL setting is listed below:


Do I make mistake in my SSL setting?

P.S. 
It happens in Tomcat 5.5 too. I used Tomcat 5.5 before, but file uploads slowly 
in pure HTTP as it does in HTTPS with IE6 (When I use other browser, everything 
is ok.),
so I decided to upgrade Tomcat to 6.0. However, it still has a bad speed with 
HTTPS. The delay time is always from server to client.

Thanks.

-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]