Hi, I'm trying to specify a list of valid ciphers for a standalone tomcat instance. I've scoured the FAQs, documentation, and googled until my eyes bled. I did find references to the RFC, and to the best of my knowledge, I am specifying the ciphers in compliance with those specifications. I know that the ciphers need to be specified in a comma-separated list. However, what are the valid ciphers and/or cipher aliases that can be specified? The configuration below does not appear to work. I'm assuming this is an issue with the way I'm specifying the ciphers. If someone could provide an example, I'd appreciate it. Here is the relevant excerpt from my server.xml file (arrows point out cipher attribute). <Service name="Tomcat-Standalone"> <Connector acceptCount="100" className="org.apache.catalina.connector.http.HttpConnector" debug="0" disableUploadTimeout="true" enableLookups="true" maxProcessors="75" minProcessors="5" port="443" scheme="https" secure="true" useURIValidationHack="false"> <Factory className="org.apache.catalina.net.SSLServerSocketFactory" clientAuth="false" ---->ciphers="ALL,!ADH,!aNULL,!eNULL,!LOW,!EXP,RC4+RSA,+HIGH,+MEDIUM"<-- -- keystoreFile="somefile" keystorePass="somepassword" protocol="TLS"/> </Connector>
Thanks you kindly for any assistance. -chris --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]