Hi,
I have following weak ciphers as per Foundstone
SSLDIgger in my tomcat(5.5) implemenation:
EXP-DES-CBC-SHA
EXP-RC4-MD5
DES-CBC-SHA
and few strong ones
RC4-MD5
RC4-SHA
DES-CBC3-SHA
now I want to remove support for weak ones. So in
server.xml I go and for connector port 8443 for my SSL
I put property Ciphers="DES-CBC3-SHA,RC4-SHA,RC4-MD5".
After restart when I run the foundstone SSLDigger on
it it again says that I support all the weak ones in
addition to strong ones. Any idea what I am doing
wrong here.
thanks,
Jignesh
____________________________________________________________________________________
Catch up on fall's hot new shows on Yahoo! TV. Watch previews, get listings,
and more!
http://tv.yahoo.com/collections/3658
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
