On 20/12/2016 15:22, manjesh wrote:
> thanks. I believe as a part of cipher negotiation the server (tomcat)
> should do this rather than the provider (JDK/SunJC)
What is your basis for that believe?
You need to point to the Java documentation that a) states this is the
case and b) describes the
thanks. I believe as a part of cipher negotiation the server (tomcat)
should do this rather than the provider (JDK/SunJC)
On Tue, Dec 20, 2016 at 8:49 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> manjesh,
>
> On 12/20/16
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
manjesh,
On 12/20/16 6:19 AM, manjesh wrote:
> Below shown snippet is the ciphersuite configuration. Tomcat
> version 8.026 and JDK 1.8
>
>
> protocol="org.apache.coyote.http11.Http11NioProtocol"
> maxThreads="150" scheme="https" secure="true"
Below shown snippet is the ciphersuite configuration. Tomcat version 8.026
and JDK 1.8
Tested with Nmap
Check the server for the supported cipher suites.
nmap -p 443 --script ssl-enum-ciphers.nse hostname
The result shows server supports few ciphers with curves
secp160k1,secp192k1,