Am 08.04.2016 um 15:40 schrieb Kikkeri, Amith: > Thanks... I will me more detailed. > We don't use Apache HTTPD or ngnix. It's just tomcat7. Below is my connector > configuration. > > <Connector port="443" protocol="org.apache.coyote.http11.Http11Protocol" > maxThreads="150" SSLEnabled="true" scheme="https" secure="true" > clientAuth="false" sslProtocol="TLS" > keystoreFile=" " > keystorePass=" "/> You'll have to explicitly configure the ciphers. That can be done by configuring the connector (https://wiki.apache.org/tomcat/HowTo/SSLCiphers) to use or prohibit one or the other cipher (https://wiki.apache.org/tomcat/Security/Ciphers) - or use one of the links that I've posted in my previous answer.
I'm typically configuring a HTTPS end point in Apache httpd and forward to tomcat. I feel that the documentation for explicit cipher-choice in Apache httpd is a lot better (and more widespread up to date) than for tomcat, but you definitely can correctly configure it in tomcat as well. I just hope you're not running as root in order to bind to port 443 - in that case you have different (and bigger) problems. Olaf --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
