Re: SSL issue in tomcat

2015-02-02 Thread Christopher Schultz
Jason, On 2/2/15 4:46 AM, Jason Y wrote: > Thanks for your reply, Chris. > > I am providing solr search service on Linux server. My java version > is 1.7_67(64bit) and tomcat version is 7.0.55 and tomcat Connector > is: protocol="org.apache.coyote

Re: SSL issue in tomcat

2015-02-02 Thread Jason Y
Thanks for your reply, Chris. I am providing solr search service on Linux server. My java version is 1.7_67(64bit) and tomcat version is 7.0.55 and tomcat Connector is: In my service I provide both REST and WSDL service to call solr search by https. Everything worked well until one day(about in No

Re: SSL issue in tomcat

2015-01-23 Thread Christopher Schultz
Jason, On 1/23/15 3:27 AM, Jason Y wrote: > Thank you Chris for your reply. > > I think I was misled by this error. My services--both REST and > SOAP--are hosted by tomcat and used by downstream users with HTTPS. > They are running well for long t

Re: SSL issue in tomcat

2015-01-23 Thread Jason Y
g message for this. And, I didn't find > >> much request to the service. Currently there are no changed > >> settings(firewall/network, etc.). > >> > >> On Wed, Jan 21, 2015 at 11:28 PM, Jeffrey Janner < > >> jeffrey.jan...@polydyne.com

Re: SSL issue in tomcat

2015-01-22 Thread Christopher Schultz
ly there are no changed >> settings(firewall/network, etc.). >> >> On Wed, Jan 21, 2015 at 11:28 PM, Jeffrey Janner < >> jeffrey.jan...@polydyne.com> wrote: >> >>>> -Original Message- From: Jason Y >>>> [mailto:day...@gmail.com] S

Re: SSL issue in tomcat

2015-01-21 Thread Jason Y
> > -Original Message- >> > From: Jason Y [mailto:day...@gmail.com] >> > Sent: Wednesday, January 21, 2015 12:44 AM >> > To: Tomcat Users List >> > Subject: Re: SSL issue in tomcat >> > >> > Got another issue...Tomcat is working fi

Re: SSL issue in tomcat

2015-01-21 Thread Jason Y
e: > > -Original Message- > > From: Jason Y [mailto:day...@gmail.com] > > Sent: Wednesday, January 21, 2015 12:44 AM > > To: Tomcat Users List > > Subject: Re: SSL issue in tomcat > > > > Got another issue...Tomcat is working fine after restart but i

RE: SSL issue in tomcat

2015-01-21 Thread Jeffrey Janner
> -Original Message- > From: Jason Y [mailto:day...@gmail.com] > Sent: Wednesday, January 21, 2015 12:44 AM > To: Tomcat Users List > Subject: Re: SSL issue in tomcat > > Got another issue...Tomcat is working fine after restart but it cannot > last > long.

Re: SSL issue in tomcat

2015-01-21 Thread Christopher Schultz
Jason, On 1/21/15 4:29 AM, Jason Y wrote: > Here is what I get with openssl s_client command: > > Loading 'screen' into random state - done CONNECTED(01E8) write > to 0x2103650 [0x2103698] (124 bytes => 124 (0x7C)) - 80 7a 01 > 03 01 00 51

Re: SSL issue in tomcat

2015-01-21 Thread Christopher Schultz
Jason, On 1/20/15 8:53 PM, Jason Y wrote: > Thank you all. Now it is working fine. > > protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" > SSLEnabled="true" scheme="https" secure="true" clientAuth="false" > sslProtocol="TLS" sslE

Re: SSL issue in tomcat

2015-01-21 Thread Jason Y
Here is what I get with openssl s_client command: Loading 'screen' into random state - done CONNECTED(01E8) write to 0x2103650 [0x2103698] (124 bytes => 124 (0x7C)) - 80 7a 01 03 01 00 51 00-00 00 20 00 00 39 00 00 .zQ... ..9.. 0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0

Re: SSL issue in tomcat

2015-01-21 Thread Sanaullah
Then maybe it's not an issue with Tomcat. You can check your firewall? Maybe your firewall is dropping the connection after some time. Try to connect to the server from localhost using "openssl s_client -connect hostname:8443 -debug"; maybe you will find something useful. On Wed, Jan 21, 2015 at 11:

Re: SSL issue in tomcat

2015-01-20 Thread Jason Y
Got another issue...Tomcat is working fine after restart but it cannot last long. Now I cannot access https pages with any browsers. I didn't find anything useful in logs. After a restart, it works well again. On Wed, Jan 21, 2015 at 10:01 AM, Sanaullah wrote: > its not necessary to hav

Re: SSL issue in tomcat

2015-01-20 Thread Sanaullah
It's not necessary to have ciphers properties, but if you want to restrict the ciphers then you can use this property. On Wed, Jan 21, 2015 at 6:53 AM, Jason Y wrote: > Thank you all. Now it is working fine. > > maxThreads="150" SSLEnabled="true" scheme="https" > secure="true" >

Re: SSL issue in tomcat

2015-01-20 Thread Jason Y
Thank you all. Now it is working fine. By the way, do I need "ciphers" properties here? On Tue, Jan 20, 2015 at 11:22 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Jason, > > On 1/20/15 4:17 AM, Jason Y wrote: > > Recentl

Re: SSL issue in tomcat

2015-01-20 Thread Christopher Schultz
Jason, On 1/20/15 4:17 AM, Jason Y wrote: > Recently my application cannot be accessible in browser with https > version. I think it is due to vulnerability in ssl 3.0 issue. > > I checked my tomcat configuration and replaced sslProtocol="TLS" > wi

Re: SSL issue in tomcat

2015-01-20 Thread Christopher Schultz
Rajesh, On 1/20/15 4:27 AM, Rajesh Biswas wrote: > Please keep SSLEnabled="true" along with your existing > configuration > > acceptCount="100" maxThreads="200" SSLEnabled="true" > scheme="https" secure="true" clientAuth="false" sslProtocols = >

Re: SSL issue in tomcat

2015-01-20 Thread Jason Y
Thanks, Raj, Sanaullah and Dave. I am not sure if it is the POODLE issue (http://wiki.apache.org/tomcat/Security/POODLE); this solution is the same as Raj's suggestion. I will try, thanks. On Tue, Jan 20, 2015 at 5:43 PM, Utkarsh Dave wrote: > I don't think you will achieve what you want to via

Re: SSL issue in tomcat

2015-01-20 Thread Utkarsh Dave
I don't think you will achieve what you want to via disabling SSL protocol using sslEnabledProtocols. The vulnerability "I think it is due to vulnerability in ssl 3.0 issue." will not stop access to the application. You may want to revert your changes back, and check the firewall settings or anythi

Re: SSL issue in tomcat

2015-01-20 Thread Sanaullah
Please follow the Apache document for the connector configuration. Here is the sample connector configuration [1] http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html On Tue, Jan 20, 2015 at 2:17 PM, Jason Y wrote: > Hi folks, > > Recently my application cannot be accessible in browser wi

Re: SSL issue in tomcat

2015-01-20 Thread Rajesh Biswas
Hello, Please keep SSLEnabled="true" along with your existing configuration Rajesh On Tue, Jan 20, 2015 at 2:47 PM, Jason Y wrote: > Hi folks, > > Recently my application cannot be accessible in browser with https version. > I think it is due to vulnerability in ssl 3.0 issue. > > I checked

Re: SSL issue in tomcat

2015-01-20 Thread Jason Y
Hi folks, Recently my application cannot be accessible in browser with https version. I think it is due to vulnerability in ssl 3.0 issue. I checked my tomcat configuration and replaced sslProtocol="TLS" with sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" to disable SSL 3.0. con