Dear All,
Below is my configuration in server.xml file of tomcat 7.0.22.
<Connector className ="org.apache.catalina.connector.http.HttpConnector"
port="443" maxHttpHeaderSize="8192" maxThreads="150"
minSpareThreads="25" enableLookups="false"
disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
SSLEnabled="true" allowUnsafeLegacyRenegotiation="false"
ciphers="TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA"
keystoreFile="*******" keystorePass="***"
server=" ">
<Factory
className="org.apache.catalina.net.SSLServerSocketFactory"
clientAuth="false" protocol="TLS"/>
</Connector>
I tried with below changes.
1. sslProtocol changed to SSLProtocol
2. Removed SSL_RSA_WITH_3DES_EDE_CBC_SHA cipher from ciphers
3. sslProtocol ="TLS" changed to sslProtocol ="TLSv1"
But still unable to disable SSL v3
Any help will be appreciated.
Thanks and Regards
Deepak
"Disclaimer and confidentiality clause -
This message and any attachments relating to official business of CCIL OR ANY
OF IT'S SUBSIDIARIES is proprietary to CCIL and intended for the original
addressee only.
The message may contain information that is confidential and subject to legal
privilege.
Any views expressed in this message are those of the individual sender.
If you have received this message in error, please notify the original sender
immediately and destroy the message and copies thereof and any attachments
contained in it .
If you are not the intended recipient of this message, you are hereby notified
that you must not disseminate, copy, use, distribute, or take any action in
connection therewith.
CCIL cannot ensure that the integrity of this communication has been
maintained nor that it is free of errors, viruses, interception and/or
interference.
CCIL is not liable whatsoever for loss or damage resulting from the opening of
this message and/or attachments and/or the use of the information contained in
this message and/or attachments."
