Emen-Eddine,
> -Original Message-
> From: Christopher Schultz
> Sent: Wednesday, June 09, 2021 9:08 AM
> To: users@tomcat.apache.org
> Subject: Re: [OT] Request: Encryption requirements for TLS and SSL for
> Tomcat
>
> Emen-Eddine,
>
> On 6/8/21 08:10, Emen-Eddine AISSAOUI wrote:
> > Hello,
> >
> > I am contacting you regarding the cipher suite recommendations for TLS
> > and SSL for Tomcat.
> >
> > This is an urgent request for a customer feedback.
>
> Since this is a customer who is presumably paying YOU for YOUR services, this
> is probably an urgent request for YOU. If your customer(s) want to pay US to
> help them, it may become urgent for US.
>
> > Could you please tell us which cipher suites are used and necessary
> > and if there are any particular prerequisites regarding TLS and SSL
> > encryption for the proper functioning of Tomcat?
>
> Tomcat will use a combination of your configuration and system (JVM)
> support to determine which cipher suites will be used. Assuming at least one
> cipher suite is in that set, Tomcat will "work". None are actually necessary.
>
> -chris
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org

If you're looking for actual cipher suite recommendations, I'm not going to
make any but I will show you some useful resources.

This is a list of the supported Java 11 cipher suites "sorted by order of
preference." Hopefully good security is one of their preferences!
https://docs.oracle.com/en/java/javase/11/security/oracle-providers.html#GUID-7093246A-31A3-4304-AC5F-5FB6400405E2

This is another useful site with information on whether a cipher suite is
recommended or not.
https://ciphersuite.info/cs/

You can cross reference the lists from those two sites.

John
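
The thread's point that the suites in use are the configured ones the JVM also supports can be checked against a particular JVM, which also helps when cross-referencing the two lists above. This is an added example, not part of the original messages or of Tomcat's code; the class name `CipherSuiteCheck` and the sample list are constructed, and it assumes suites are given by their standard JSSE names.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

public class CipherSuiteCheck {
    // Constructed sample list, not a recommendation. The last entry is a
    // made-up placeholder name to show how an unknown suite is reported.
    static final List<String> SAMPLE = List.of(
        "TLS_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_RSA_WITH_RC4_128_MD5",
        "TLS_EXAMPLE_PLACEHOLDER_SUITE");

    static Set<String> suites(SSLParameters p) {
        return new LinkedHashSet<>(Arrays.asList(p.getCipherSuites()));
    }

    public static void main(String[] args) throws Exception {
        // Suite names from the command line, else the constructed sample.
        List<String> configured = args.length > 0 ? Arrays.asList(args) : SAMPLE;

        // What this JVM's default TLS provider reports. Both sets depend on
        // the Java version and on its java.security settings.
        SSLContext ctx = SSLContext.getDefault();
        Set<String> supported = suites(ctx.getSupportedSSLParameters());
        Set<String> enabled = suites(ctx.getDefaultSSLParameters());

        System.out.printf("Java %s: %d suites supported, %d enabled by default%n",
            System.getProperty("java.version"), supported.size(), enabled.size());

        int usable = 0;
        for (String name : configured) {
            String status;
            if (enabled.contains(name)) { status = "supported, enabled by default"; usable++; }
            else if (supported.contains(name)) { status = "supported, off by default"; usable++; }
            else { status = "NOT supported by this JVM"; }
            System.out.printf("%-45s %s%n", name, status);
        }

        // At least one configured suite must also be supported by the JVM.
        System.out.println(usable > 0
            ? usable + " of " + configured.size() + " configured suites are available on this JVM"
            : "No configured suite is available on this JVM");
    }
}
```

Run it with the same Java installation that runs Tomcat, passing the suite names from your configuration as arguments.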