subject:"Re\: Ability to set cipher suites for websocket connections"

Re: Ability to set cipher suites for websocket connections

2017-01-17 Thread Michael Orr

On 17 January 2017 at 13:39, Mark Thomas  wrote:
> On 17/01/2017 11:23, Michael Orr wrote:
>> Hi,
>>
>> There is a user property "org.apache.tomcat.websocket.SSL_PROTOCOLS"
>> that you can use to provide the list of permitted SSL protocols when
>> connecting to a websocket with WsWebSocketContainer.  I was expecting
>> that there would be a similar property to allow you to set the list of
>> permitted SSL cipher suites as well.
>>
>> I've checked the code (for version 7.0.73, and also 9.0.0.M15) and
>> there doesn't seem to be any mention of such an option.  I can see it
>> calling SSLEngine.setEnabledProtocols() but not
>> SSLEngine.setEnabledCipherSuites().
>>
>> Is there a particular reason why there is no
>> "org.apache.tomcat.websocket.SSL_CIPHER_SUITES" property, or is it
>> simply an oversight?
>
> No reason I can think of. Patches welcome :)
>
> Mark
>
>>
>> Thanks, and keep up the great work!
>>
>> Michael
>>

I'll see what I can do!

Thanks for your fast response.

Michael

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Ability to set cipher suites for websocket connections

2017-01-17 Thread Mark Thomas

On 17/01/2017 11:23, Michael Orr wrote:
> Hi,
> 
> There is a user property "org.apache.tomcat.websocket.SSL_PROTOCOLS"
> that you can use to provide the list of permitted SSL protocols when
> connecting to a websocket with WsWebSocketContainer.  I was expecting
> that there would be a similar property to allow you to set the list of
> permitted SSL cipher suites as well.
> 
> I've checked the code (for version 7.0.73, and also 9.0.0.M15) and
> there doesn't seem to be any mention of such an option.  I can see it
> calling SSLEngine.setEnabledProtocols() but not
> SSLEngine.setEnabledCipherSuites().
> 
> Is there a particular reason why there is no
> "org.apache.tomcat.websocket.SSL_CIPHER_SUITES" property, or is it
> simply an oversight?

No reason I can think of. Patches welcome :)

Mark

> 
> Thanks, and keep up the great work!
> 
> Michael
> 
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: Ability to set cipher suites for websocket connections

Re: Ability to set cipher suites for websocket connections

2 matches

Site Navigation

Mail list logo

Footer information