subject:"tomcat\-embedded 9.x \-> 10.1.x \- how to set ssl honor cipher order option now"

Re: tomcat-embedded 9.x -> 10.1.x - how to set ssl honor cipher order option now

2022-12-06 Thread Torsten Krah

>  Now there is a single method. This should 
> do what you need:
> 
> SSLHostConfig[] sslHostConfigs = httpHandler.findSslHostConfigs();
> 
> for (SSLHostConfig sslHostConfig : sslHostConfigs) {
>  sslHostConfig.setHonorCipherOrder(true);
> }

That is even better now, thanks.

> 
> 
> Mark

Torsten

-- 

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: tomcat-embedded 9.x -> 10.1.x - how to set ssl honor cipher order option now

2022-12-06 Thread Mark Thomas




On 06/12/2022 08:50, Torsten Krah wrote:

Hi,

using tomcat-embed 9.x I was able to customize my protocol handler like
this:

AbstractHttp11Protocol httpHandler = ((AbstractHttp11Protocol) 
connector.getProtocolHandler());
httpHandler.setSSLHonorCipherOrder(true);
httpHandler.setUseServerCipherSuitesOrder(true);


Switched to 10.1.1 now and those 2 methods are gone and I am wondering
where they are now and how to access them when coming from the
connector.


Those two methods do the same thing. One was for JSSE based connectors, 
one for APR/Native (OpenSSL). Now there is a single method. This should 
do what you need:


SSLHostConfig[] sslHostConfigs = httpHandler.findSslHostConfigs();

for (SSLHostConfig sslHostConfig : sslHostConfigs) {
sslHostConfig.setHonorCipherOrder(true);
}


Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

tomcat-embedded 9.x -> 10.1.x - how to set ssl honor cipher order option now

2022-12-06 Thread Torsten Krah

Hi,

using tomcat-embed 9.x I was able to customize my protocol handler like
this:

AbstractHttp11Protocol httpHandler = ((AbstractHttp11Protocol) 
connector.getProtocolHandler());
httpHandler.setSSLHonorCipherOrder(true);
httpHandler.setUseServerCipherSuitesOrder(true);


Switched to 10.1.1 now and those 2 methods are gone and I am wondering
where they are now and how to access them when coming from the
connector.

Any help appreciated.

kind regards

Torsten

-- 

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: tomcat-embedded 9.x -> 10.1.x - how to set ssl honor cipher order option now

Re: tomcat-embedded 9.x -> 10.1.x - how to set ssl honor cipher order option now

tomcat-embedded 9.x -> 10.1.x - how to set ssl honor cipher order option now

3 matches

Site Navigation

Mail list logo

Footer information