I need to be certain that an application I am attempting to secure will only
accept 128 bit connections.
I have a config file called service.xml with the following:
<Connector className="org.apache.catalina.connector.http.HttpConnector"
port="443"
ciphers="SSL_RSA_WITH_RC4_128_MD5,
SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
minProcessors="5" maxProcessors="2222"
enableLookups="true"
acceptCount="300000000000" debug="0" scheme="https" secure="true"
address="192.168.1.36"
>
I do not know the openssl command to test a connection that is a low cipher ...
or rather, I don't really know how to interpret the output, I guess ... or
whether the command I'm using is not really testing the server in the proper
way.
Here's the command I'm using:
OpenSSL> s_client -no_tls1 -cipher LOW -connect www.whatever.com
OpenSSL> s_client -no_tls1 -cipher HIGH -connect www.whatever.com
<http://www.whatever.com/>
Any help would be appreciated.
Thank you.
jeff
--------------------------
Jeffrey Roller, IT Specialist
Town of West Hartford, CT
50 S Main St
Info Svcs - Room 409
W Hartford, CT 06107-2485
860.561.7588
jeff.rol...@westhartford.org
41° 45' 30" N
72° 44' 30" W
