Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Christopher Schultz
James, On 8/10/22 11:57, James H. H. Lampert wrote: Interesting. The new "protocols" parameter. Does this work with the traditional syntax? Can "protocols" and "sslProtocol" coexist in the same Connector? It's pretty important here to specify your Tomcat version number(s). I see you have

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread James H. H. Lampert
On 8/10/22 6:50 AM, Brian Wolfe wrote: You can disable the protocols at the java level in the java.security file jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, TLSv1, TLSv1.1 I think that's exactly what I did on "Customer Box #1" (and forgot to document having done).

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread James H. H. Lampert
On 8/10/22 8:52 AM, Jason Hall wrote: If you have another network device in front of your server - that could be what is trumping the app server's settings. I'd planned on investigating that as well. But it *looks* like the cert I'm seeing matches the cert in the keystore their Tomcat is

Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread James H. H. Lampert
Interesting. The new "protocols" parameter. Does this work with the traditional syntax? Can "protocols" and "sslProtocol" coexist in the same Connector? All our customer installations use JSSE security with a Java Keystore; I've never configured a successful IBM Midrange installation any

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Jason Hall
, Jason - Original Message - From: "Brian Wolfe" To: "Tomcat Users List" Sent: Wednesday, August 10, 2022 9:50:01 AM Subject: Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2" You can disable the protocols at the java l

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Brian Wolfe
ht- > > From: logo > > Sent: Wednesday, August 10, 2022 10:22 > > To: Tomcat Users List > > Subject: Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I > have > > sslProtocol="TLSv1.2" > > > > Thomas, > > >

AW: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Thomas Hoffmann (Speed4Trade GmbH)
Hello Peter, > -Original Message- > From: logo > Sent: Wednesday, August 10, 2022 10:22 > To: Tomcat Users List > Subject: Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have > sslProtocol="TLSv1.2" > > Thomas, > > Am 2

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread logo
Thomas, On 2022-08-10 08:59, Thomas Hoffmann (Speed4Trade GmbH) wrote: Hello, -Original Message- From: Peter Kreuser Sent: Wednesday, August 10, 2022 08:44 To: Tomcat Users List Subject: Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TL

AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Thomas Hoffmann (Speed4Trade GmbH)
Hello, > -Original Message- > From: Peter Kreuser > Sent: Wednesday, August 10, 2022 08:44 > To: Tomcat Users List > Subject: Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have > sslProtocol="TLSv1.2" > > > > James,

Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Peter Kreuser
James, the most recent connector attribute is "protocols". The documentation is a bit vague on this saying there is an overlap between the two, yet I don't know if the overlap is there if protocols is unset and defaults to "all"

Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-09 Thread Shawn Heisey
On 8/9/22 16:13, James H. H. Lampert wrote: On customer box #1, I have: protocol="org.apache.coyote.http11.Http11Protocol" address=""    maxThreads="400" SSLEnabled="true" scheme="https" secure="true"    keystoreFile="/tomcat/wttomcat.ks" keyAlias=""

SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-09 Thread James H. H. Lampert
I think this may have come up before, but I don't recall how it was resolved. On customer box #1, I have: address="" maxThreads="400" SSLEnabled="true" scheme="https" secure="true" keystoreFile="/tomcat/wttomcat.ks" keyAlias=""