Re: Tomcat 7 and SHA-1

2016-07-03 Thread Greg Beresnev
Thanks folks, appreciate your time and suggestions! On 3 Jul 2016 3:44 a.m., "Christopher Schultz" wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Daniel, > > On 7/1/16 6:28 PM, Daniel Savard wrote: > > 2016-07-01 16:21 GMT-04:00 Christopher Schultz >

Re: Tomcat 7 and SHA-1

2016-07-02 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Daniel, On 7/1/16 6:28 PM, Daniel Savard wrote: > 2016-07-01 16:21 GMT-04:00 Christopher Schultz > > : > >> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 >> >> Greg, >> >> On 7/1/16 3:03 AM, Greg Beresnev wrote:

Re: Tomcat 7 and SHA-1

2016-07-01 Thread Daniel Savard
2016-07-01 16:21 GMT-04:00 Christopher Schultz : > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Greg, > > On 7/1/16 3:03 AM, Greg Beresnev wrote: > > Thanks Daniel - any idea which cipher in particular needs to be > > absent in order for the SHA-1-based

Re: Tomcat 7 and SHA-1

2016-07-01 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Greg, On 7/1/16 3:03 AM, Greg Beresnev wrote: > Thanks Daniel - any idea which cipher in particular needs to be > absent in order for the SHA-1-based connection/authentication was > rejected/failed? I'm afraid Daniel may have confused the issue,

Re: ***UNCHECKED*** Re: Tomcat 7 and SHA-1

2016-07-01 Thread Mark Thomas
On 01/07/2016 08:03, Greg Beresnev wrote: > Thanks Daniel - any idea which cipher in particular needs to be absent in > order for the SHA-1-based connection/authentication was rejected/failed? I recommend using SSLLabs to test your site. Also, the version of Java you use is important. See this

Re: Tomcat 7 and SHA-1

2016-07-01 Thread Greg Beresnev
Thanks Daniel - any idea which cipher in particular needs to be absent in order for the SHA-1-based connection/authentication was rejected/failed? regards, Greg On Fri, Jul 1, 2016 at 4:53 PM, Daniel Savard wrote: > 2016-06-30 23:05 GMT-04:00 Greg Beresnev

Re: Tomcat 7 and SHA-1

2016-07-01 Thread Daniel Savard
2016-06-30 23:05 GMT-04:00 Greg Beresnev : > Hi, > > We're in the process of updating our web application to stop using SHA-1 > certificates and I was wondering if there was some way to configure Tomcat > (we're on version 7.0.39 - yes, I know, we are pretty old-school

Tomcat 7 and SHA-1

2016-06-30 Thread Greg Beresnev
Hi, We're in the process of updating our web application to stop using SHA-1 certificates and I was wondering if there was some way to configure Tomcat (we're on version 7.0.39 - yes, I know, we are pretty old-school and should get with the times) to either throw errors or at least log warnings