> From: Sanaullah [mailto:sanaulla...@gmail.com] > Subject: Fwd: TLS is not working in 6.0.37, 7.0.42, 7.0.47
> The Document which you were referring > http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support_-_APR/Native, > is clearly stated that only SSLv2, SSLv3, TLSv1 is support by SSLProtocol > Attribute. TLSv1.1 and TLSv1.2 are included in TLSv1, when using the appropriate ciphers. > TLSv1.1 and TLSV1.2 supported Cipher can't be invoked until TLSv1.1 and > TLSv1.2 is enabled.see the supported Cipher list on TLSV1.2 on openssl link. > http://www.openssl.org/docs/apps/ciphers.html#TLS_v1_2_cipher_suites That's backwards; TLSv1.1 and TLSv1.2 are used automatically if TLSv1 is enabled and the client and server support v1.1 or v1.2 ciphers. > TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 ECDH-ECDSA-AES128-SHA256 > TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 ECDH-ECDSA-AES256-SHA384 > TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 ECDH-ECDSA-AES128-GCM-SHA256 > TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 ECDH-ECDSA-AES256-GCM-SHA384 Those all appear to be supported in OpenSSL 1.0.1e. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org