Hi Alexandre, This is what I am doing. A+ on SSLabs.
https://orclcs.blogspot.ca/2017/03/tomcat-9-java-8-with-https.html <https://orclcs.blogspot.ca/2017/03/tomcat-9-java-8-with-https.html> > On Apr 25, 2018, at 11:06 AM, Alexandre Adao <alexa...@gmail.com> wrote: > > I am currently running Apache Tomcat 9.0.6. I would like to disable the > Weak Cipher like TLS_DHE or what will be the best Cipher type to get "A" > from SSlabs test. > > > the SSLImplementation selected. JSSE style configuration is used > below. > --> > > <Connector port="443" > protocol="org.apache.coyote.http11.Http11NioProtocol" > maxThreads="150" SSLEnabled="true"> > <SSLHostConfig> > <Certificate certificateKeyFile="conf/xxx.key" > certificateFile="conf/xxx.crt" > certificateChainFile="conf/ixxxxxx-bundle" > type="RSA" /> > </SSLHostConfig>
