SSL IE vs Opera war

[Max Sevenfold]

Hello,

Opera dislikes low encryption. It works only when I add
          ciphers="TLS_RSA_WITH_AES_256_CBC_SHA"

But it stops IE 7.
IE 7 uses

TSL_RSA_WITH_RC4_128_MD5

We tries following so far

          ciphers="TLS_RSA_WITH_AES_256_CBC_SHA,TSL_RSA_WITH_RC4_128_MD5"
          ciphers="TSL_RSA_WITH_RC4_128_MD5,TLS_RSA_WITH_AES_256_CBC_SHA"
          ciphers="TLS_RSA_WITH_AES_256_CBC_SHA,ALL"

Server responds Handshake Filure when IE 7 connects.

IE 7 works with

ciphers="TSL_RSA_WITH_RC4_128_MD5"
or with no ciphers attribute.

It seems to be Tomcat error as it does not wish to select 
TSL_RSA_WITH_RC4_128_MD5 when IE 7 connects.
or select Opera's favorite TLS_RSA_WITH_AES_256_CBC_SHA when Opera connects.

Is there any solution?

I have Tomcat 6.0.14 with no APR and no NIO.
I use Java 6 u3 or u4 with Strong Encryption.


   <Connector port="6443" protocol="HTTP/1.1" SSLEnabled="true"
          maxThreads="150" scheme="https" secure="true"
          keystoreFile="conf/keystore.tomcat"
          keystorePass="changeit"
          keystoreType="PKCS12"
          clientAuth="false" sslProtocol="TLS"
                                           
          ciphers="TSL_RSA_WITH_RC4_128_MD5,TLS_RSA_WITH_AES_256_CBC_SHA"
         
          compression="on"
          compressionMinSize="2048"
          noCompressionUserAgents="gozilla, traviata"
          
compressableMimeType="text/html,text/xml,text/javascript,text/css,text/javascript,text/plain"
          />




Thanks,
Max




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]