Hi all,I'm currently trying to specify a list of cipher suites to be used by my connector in Tomcat 6.0.24. However, when testing the connector with ssllabs.com, a bunch of ciphers I didn't specify show up.
Here is the connector config:
<Connector
port="443"
protocol="HTTP/1.1"
enableLookups="false"
SSLEnabled="true"
scheme="https"
secure="true"
clientAuth="false"
keystoreFile="{omitted}"
sslProtocols = "TLSv1,TLSv1.1,TLSv1.2"
ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"
/>
Just for the sake of the argument, I specified only a single suite.
This is what ssllabs gives me as list of possible ciphers:
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Obviously, this is not what I specified. When configuring
ciphers="ALL"
the result Anybody can shed some light on what I did wrong?
Thanks for any help.
Best regards
Ramon Pfeiffer
--
--
Universität Tübingen
Zentrum für Datenverarbeitung
E-Mail: [email protected]
smime.p7s
Description: S/MIME Cryptographic Signature
