-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Max,
Max Sevenfold wrote:
| compression=on
| compressionMinSize=2048
| noCompressionUserAgents=gozilla, traviata
|
compressableMimeType=text/html,text/xml,text/javascript,text/css,text/javascript,text/plain
Chris,
Thank You. I just got solution from colleague. I was going to post it here.
Installing unlimited strength cryptography policy fixed the problem.
Cipher I posted is from Java6.
I think all Tomcats with SSL must be running with such policy now.
May be it is good to post it to tomcats ssl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Max,
Max Sevenfold wrote:
| Chris,
|
| Thank You. I just got solution from colleague. I was going to post it
here.
Yes, please post your solution, including complete instructions.
Post it under a new thread so folks who haven't been reading this
Chris,
I already posted solution.
I had to set unlimited strength cryptography policy.
Unlimited strength JCE is available from Sun on same download page as JDK.
There are 2 jar files that must be copied in $JDK_HOME/jre/lib/secuirty
It so simple.
Regards,
Max
Christopher Schultz wrote:
Hello,
I would like to disable low grade encryption in Tomcat.
I have cert that uses 256/1024bit encryption with Apache but same cert
with tomcat uses
128/768bit encryption.
The problem is public key size 768 bit that is no more considered secure
by Opera.
The problem was discussed here
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Max,
Max Sevenfold wrote:
| I would like to disable low grade encryption in Tomcat.
Are you using Tomcat's native APR library?
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Max,
Max Sevenfold wrote:
| Right now I am using pure Java solution with keystore.
| I am debating to move to APR.
What version of Tomcat are you using? Can you post your Connector
configuration from server.xml? That would be very helpful in
Chris,
tomcat 6.0.14
java 6
Connector port=8443 protocol=HTTP/1.1 SSLEnabled=true
maxThreads=150 scheme=https secure=true
clientAuth=false sslProtocol=TLS
compression=on
compressionMinSize=2048