subject:"A way for user to specify DH parameter to tomcat \!"

AW: A way for user to specify DH parameter to tomcat !

2016-08-19 Thread Kreuser, Peter

Hi Utkarsh

>Von: Utkarsh Dave [mailto:utkarshkd...@gmail.com] 
>Gesendet: Donnerstag, 18. August 2016 08:18
>An: Tomcat Users List
>Betreff: Re: A way for user to specify DH parameter to tomcat !
>
>Thanks a lot Chris and Violeta.
>
>On Wed, Aug 17, 2016 at 1:59 PM, Utkarsh Dave 
>wrote:
>
>> Hi All,
>>
>> My project is using tomcat 7.0.70, JDK 1.7.0_101 and is based on linux OS
>> We have been using BIO connectors.
>> 1. I need help to find out how to provide user specified DH parameter to
>> tomcat.
>> 2. What all ciphers are categorized under modern ciphers ?
>>
>> Thanks for your time in advance.
>>
>> -Utkarsh
>>

You probably won't be able to set a higher DH Key Size than 1024bit on Java 7. 
With your java version at least the default is 1024bit. With Java 8 you can add 
the -D option (-Djdk.tls.ephemeralDHKeySize=2048) to the CATALINA_OPTS (in 
bin/setenv.sh).

Best regards.

Peter

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: A way for user to specify DH parameter to tomcat !

2016-08-18 Thread Utkarsh Dave

Thanks a lot Chris and Violeta.

On Wed, Aug 17, 2016 at 1:59 PM, Utkarsh Dave 
wrote:

> Hi All,
>
> My project is using tomcat 7.0.70, JDK 1.7.0_101 and is based on linux OS
> We have been using BIO connectors.
> 1. I need help to find out how to provide user specified DH parameter to
> tomcat.
> 2. What all ciphers are categorized under modern ciphers ?
>
> Thanks for your time in advance.
>
> -Utkarsh
>

Re: A way for user to specify DH parameter to tomcat !

2016-08-17 Thread Christopher Schultz

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Utkarsh,

On 8/17/16 4:29 AM, Utkarsh Dave wrote:
> Hi All,
> 
> My project is using tomcat 7.0.70, JDK 1.7.0_101 and is based on
> linux OS We have been using BIO connectors. 1. I need help to find
> out how to provide user specified DH parameter to tomcat.

I'm not sure you can do this with Tomcat 7. With Tomcat 8, using the
APR connector can use the DH parameters from the certificate file itself
.

https://tomcat.apache.org/tomcat-8.0-doc/config/http.html#SSL_Support

Search for "SSLCertificateFile".

If you are able to use Tomcat 8.5, you can use DH params with any kind
of connector.

https://tomcat.apache.org/tomcat-8.5-doc/config/http.html#SSL_Support_-_
Certificate

Look for "certificateFile".

Note you will need Java 8 to run Tomcat 8.5.

> 2. What all ciphers are categorized under modern ciphers ?

See Violeta's response.

- -chris
-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJXtOGvAAoJEBzwKT+lPKRYEuUP/1K2Zs88uKjBBsKAwBRDX1Zk
WUDbTt7c68VK0ahfU0B21DPDHCLa8sN4Ji8yK9pgYzZAE6JfyKOs6hWhO7IgWh0Z
BODN1ux6yHjEc0sZrvkCyUbG9mzp3AYjB7AhqGd48tRJx0QzAmwLpG5HGYjdH/6B
NyCBxADS7k5EOWYe1MmKQPbtgyO2t3wveV6mCTig6EcSm3v4unFgjgHiRNaSZrRc
bvaKvHhPot1gTqZLCoQ1Rpx3RGUse5rqFta8jHsdHf2Tq8aEkyEGk1jggTFOCb8+
lpKNABfdLtFTC4HKSG8VY8c524bisbaJOmzq7fOsXnOIMN7abczQtmGPoEGc+7Vb
gbcGPPuEh0wcvapZGG4L9iYsTB7EIQMGCHAYuhoDHhbEhvJAu5P8xtSkz9flgcJH
3EmNQVqn9IS5CG1Xj8FW/0o34xl86fkMx2lSBT+vRMXX+HwPO2DTnOQh9aKGS9FI
Ayomb97HBnMpgUUDBLjxcF6aKQ+2/CSi/eVdrIcnPU7qgZq8FBRUwUcZ5Q7/sSAN
xsf1Ez1jW+mMAxyX4wIrizDgEXDwnlnr8JCFZtDAKd0x1umX8ZyLzY0gQkacHWV6
1FVy5y62rILOoe+HgTmxhMDRmmcXGz/1FHPjqA+kYo2bjbU8vFdPetDkDO2Liydf
o+jrnbet4VC4hD43fZVJ
=Fkhf
-END PGP SIGNATURE-

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: A way for user to specify DH parameter to tomcat !

2016-08-17 Thread Utkarsh Dave

Thanks.
By DH I mean "Diffie-Hellman parameters (secure DH-Cipher)".


On Wed, Aug 17, 2016 at 3:31 PM, Violeta Georgieva 
wrote:

> Hi,
>
> 2016-08-17 11:29 GMT+03:00 Utkarsh Dave :
> >
> > Hi All,
> >
> > My project is using tomcat 7.0.70, JDK 1.7.0_101 and is based on linux OS
> > We have been using BIO connectors.
> > 1. I need help to find out how to provide user specified DH parameter to
> > tomcat.
> > 2. What all ciphers are categorized under modern ciphers ?
>
> Look at these pages
> http://wiki.apache.org/tomcat/Security/Ciphers
> http://wiki.apache.org/tomcat/HowTo/SSLCiphers
>
> Regards,
> Violeta
>
> >
> > Thanks for your time in advance.
> >
> > -Utkarsh
>

Re: A way for user to specify DH parameter to tomcat !

2016-08-17 Thread Violeta Georgieva

Hi,

2016-08-17 11:29 GMT+03:00 Utkarsh Dave :
>
> Hi All,
>
> My project is using tomcat 7.0.70, JDK 1.7.0_101 and is based on linux OS
> We have been using BIO connectors.
> 1. I need help to find out how to provide user specified DH parameter to
> tomcat.
> 2. What all ciphers are categorized under modern ciphers ?

Look at these pages
http://wiki.apache.org/tomcat/Security/Ciphers
http://wiki.apache.org/tomcat/HowTo/SSLCiphers

Regards,
Violeta

>
> Thanks for your time in advance.
>
> -Utkarsh

A way for user to specify DH parameter to tomcat !

2016-08-17 Thread Utkarsh Dave

Hi All,

My project is using tomcat 7.0.70, JDK 1.7.0_101 and is based on linux OS
We have been using BIO connectors.
1. I need help to find out how to provide user specified DH parameter to
tomcat.
2. What all ciphers are categorized under modern ciphers ?

Thanks for your time in advance.

-Utkarsh

AW: A way for user to specify DH parameter to tomcat !

Re: A way for user to specify DH parameter to tomcat !

Re: A way for user to specify DH parameter to tomcat !

Re: A way for user to specify DH parameter to tomcat !

Re: A way for user to specify DH parameter to tomcat !

A way for user to specify DH parameter to tomcat !

6 matches

Site Navigation

Mail list logo

Footer information