Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-20 Thread Christopher Schultz
Mark, On 10/19/21 04:17, Mark Thomas wrote: On 19/10/2021 06:20, Natraj Thekkan wrote: Hi Mark or Chris, Based on Chris statement, it has to be addressed in tomcat. No, you has misunderstood Chris's statement. +1 I was suggesting a related beehavior in Tomcat that would not affect the

RE: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-19 Thread Natraj Thekkan
Hi, @ Thomas Hoffmann, Mark and Chris, Thanks for your suggestion. We have done changes as per the xml configuration provided by Thomas Hoffmann and then verified the scenario. Now, client connection with TLS1.1 and TLS1.0 are restricted as expected.

Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-19 Thread Mark Thomas
On 19/10/2021 06:20, Natraj Thekkan wrote: Hi Mark or Chris, Based on Chris statement, it has to be addressed in tomcat. No, you has misunderstood Chris's statement. All the evidence so far points to user error. Again, you need to provide the simplest, *complete* test case (i.e. the

RE: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-18 Thread Natraj Thekkan
Hi Mark or Chris, Based on Chris statement, it has to be addressed in tomcat. Can I raise a Bug in Bugzilla for this observation?. Regards, Natraj -Original Message- From: Christopher Schultz Sent: Monday, October 18, 2021 10:14 PM To: users@tomcat.apache.org Subject: Re: Restriction

Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-18 Thread Christopher Schultz
Natraj, On 10/18/21 01:19, Natraj Thekkan wrote: @Mark Thanks for your response. We have tested by removing that line of code, still client able to establish the connection with server using TLSv1 and TLSv1.1. Below one is configured in java.security file.

Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-18 Thread Mark Thomas
On 18/10/2021 06:19, Natraj Thekkan wrote: Hi, @Mark Thanks for your response. We have tested by removing that line of code, still client able to establish the connection with server using TLSv1 and TLSv1.1. Below one is configured in java.security file.

RE: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-17 Thread Natraj Thekkan
Hi, @Mark Thanks for your response. We have tested by removing that line of code, still client able to establish the connection with server using TLSv1 and TLSv1.1. Below one is configured in java.security file.

Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-14 Thread Mark Thomas
On 14/10/2021 10:28, Natraj Thekkan wrote: Hi, We are using tomcat version 9.0.46. Could you please provide suggestion to restrict the TLS version in HTTP2 over HTTPS with OpenSSL implementation?. The code below is sufficient, assuming that is then the connector that is being used by the

RE: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

2021-10-14 Thread Natraj Thekkan
Hi, We are using tomcat version 9.0.46. Could you please provide suggestion to restrict the TLS version in HTTP2 over HTTPS with OpenSSL implementation?. Regards, Natraj From: Natraj Thekkan Sent: Wednesday, October 13, 2021 10:15 AM To: 'users@tomcat.apache.org' Subject: Restriction of TLS