Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Christopher Schultz
James, On 8/10/22 11:57, James H. H. Lampert wrote: Interesting. The new "protocols" parameter. Does this work with the traditional syntax? Can "protocols" and "sslProtocol" coexist in the same Connector? It's pretty important here to specify your Tomcat version number(s). I see you have th

RE: Simple SSL question

2022-08-10 Thread jonmcalexander
Thanks Mark!!! > -Original Message- > From: Mark Thomas > Sent: Wednesday, August 10, 2022 2:43 PM > To: users@tomcat.apache.org > Subject: Re: Simple SSL question > > On 10/08/2022 19:22, jonmcalexan...@wellsfargo.com.INVALID wrote: > > Ok, I'm asking a rather simple, stupid (in my opin

Re: Simple SSL question

2022-08-10 Thread Mark Thomas
On 10/08/2022 19:22, jonmcalexan...@wellsfargo.com.INVALID wrote: Ok, I'm asking a rather simple, stupid (in my opinion) question, but here goes: What is the best practice form of connector for SSL. Is it the old-school coyote connector or the connector with the section? The old style isn'

Simple SSL question

2022-08-10 Thread jonmcalexander
Ok, I'm asking a rather simple, stupid (in my opinion) question, but here goes: What is the best practice form of connector for SSL. Is it the old-school coyote connector or the connector with the section? Are the two interchangeable, or does the SSLHostConfig one rely on openssl and won't wor

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread James H. H. Lampert
On 8/10/22 6:50 AM, Brian Wolfe wrote: You can disable the protocols at the java level in the java.security file jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, TLSv1, TLSv1.1 I think that's exactly what I did on "Customer Box #1" (and forgot to document having done). Bec

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread James H. H. Lampert
On 8/10/22 8:52 AM, Jason Hall wrote: If you have another network device in front of your server - that could be what is trumping the app server's settings. I'd planned on investigating that as well. But it *looks* like the cert I'm seeing matches the cert in the keystore their Tomcat is usi

Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread James H. H. Lampert
Interesting. The new "protocols" parameter. Does this work with the traditional syntax? Can "protocols" and "sslProtocol" coexist in the same Connector? All our customer installations use JSSE security with a Java Keystore; I've never configured a successful IBM Midrange installation any othe

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Jason Hall
If you have another network device in front of your server - that could be what is trumping the app server's settings. For example - We have an F5 device sitting in front of our app server - so SSLLabs will pick up those settings before it even hits my actual app server. thanks, Jason

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Brian Wolfe
You can disable the protocols at the java level in the java.security file jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768, TLSv1, TLSv1.1 On Wed, Aug 10, 2022 at 5:09 AM Thomas Hoffmann (Speed4Trade GmbH) wrote: > Hello Peter, > > > -Original Message- > > From:

AW: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread Thomas Hoffmann (Speed4Trade GmbH)
Hello Peter, > -Original Message- > From: logo > Sent: Wednesday, August 10, 2022 10:22 > To: Tomcat Users List > Subject: Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have > sslProtocol="TLSv1.2" > > Thomas, > > On 2022-08-10 08:59, Thomas Hoffmann (Sp

Re: AW: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"

2022-08-10 Thread logo
Thomas, On 2022-08-10 08:59, Thomas Hoffmann (Speed4Trade GmbH) wrote: Hello, -Original Message- From: Peter Kreuser Sent: Wednesday, August 10, 2022 08:44 To: Tomcat Users List Subject: Re: SSLLabs scan shows TLSv1.0 and TLSv1.1 even though I have sslProtocol="TLSv1.2"