Hello Jason, Chris, Thanks for you answer and replying.
I actually already tired that solution linked in the page https://access.redhat.com/solutions/1232233. but it does not work at all. <Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocols = "TLSv1,TLSv1.1,TLSv1.2" /> Yes, this is common problem whatever the tomcat version is, SSL V3 is not safe any more, however, newer tomcat has ready configuration/solution for disable V3. since I am still in old version so I am looking for solution for version Tomcat/6.0.18. but no good luck until now. 2015-01-30 22:28 GMT+08:00 Christopher Schultz <ch...@christopherschultz.net >: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Jason, > > On 1/30/15 4:32 AM, Jason Y wrote: > > Please refer to https://access.redhat.com/solutions/1232233 > > This link is /slightly/ out of date, in that it is missing more-recent > information (i.e. support for TLSv1.1 and TLSv1.2 in tcnative versions > after 1.1.21. > > > By the way, why would you disable SSL? What is your current > > problem? I may have the same problem with tomcat 7.0.55... > > > https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > Comment: GPGTools - http://gpgtools.org > > iQIcBAEBCAAGBQJUy5T+AAoJEBzwKT+lPKRYdBEQALUAXjY5wZHglrUU7vVQ00qd > I1vdAhY5X6VXhfesK+cHYFdzIkedq15O+2J0MNY5G+SivUPXvWw1xd2VIflpsfCp > VBf6/d3qHVRwmyAdYHWRtP6CRyWfvYY24YO/UO5EuD4Uellrr5DVEeZvfMnyuZJf > IqnZ4NphqVNtar+EUkZ5FH1TyiVVDGmReZcEtLEA8Y2WJGUzcloALRoUMq8dmPQJ > 4u38hDH/K0CpTsoxgQQJBtppFxxbK6c4klsTQO/eWZohSngL8JF0jPKiYjr3RFV6 > 4bT/2DNaoTENUiB8+9qLiGdWhRUofs8qM2/WXo4/Z4eekMSaqFCtRtW5gfelgIhn > D750yqJZtycz+7X+jpnM2724SE3cPc2DxCXZ4mYGG2bH+LAi2bUOBkJYnhUbNpUB > mtEkePXFgBjl4luP57w0+hIohH09q5E6a4206uQzN+0+MFgVtWu3498Ys9OSBO1q > fMaiOk1vvcH3MELuOnseyKA3YyR2AppttQHp+6YJ7YePNx3EuewAoOEBLo2hP5tF > zH4Uu1cUSRe/HSdsnwglHw/xzE9QOn5bc6s5lne0Y9E+8+CP+9cJcFV7D6dA6fDB > ul0cuFbIoyHu2VhUmtnDvuxNS6/xgTy3Nioc0G6jdOTaqR7AxhQx/vyaruN+dGK+ > w1vZbFCCmCe2toKLWdPy > =D+1m > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
