Re: Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Bill Barker
It also currently need the full cipher string, not just the prefix. Although, allowing just the prefix might be a nice enhancement. "Mark Thomas" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Jignesh Shah wrote: >> I put property Ciphers="DES-CBC3-SHA,RC4-SHA,RC4-MD5". > > It sho

Re: Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Jignesh Shah
I am using 5.5.20 and I am not using APR. thanks, Jignesh --- Mark Thomas <[EMAIL PROTECTED]> wrote: > Jignesh Shah wrote: > > I tried ciphers="DES-CBC3-SHA,RC4-SHA,RC4-MD5", > lower > > case "C" restarted the server again it shows I am > > using weak ciphers which are not present in the > above

RE: Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Caldarale, Charles R
> From: Jignesh Shah [mailto:[EMAIL PROTECTED] > Subject: Disable ciphers in tomcat 5.5 not working > > now I want to remove support for weak ones. So in > server.xml I go and for connector port 8443 for my SSL > I put property Ciphers="DES-CBC3-SHA,RC4-SHA,RC4-MD5"

Re: Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Mark Thomas
Jignesh Shah wrote: > I tried ciphers="DES-CBC3-SHA,RC4-SHA,RC4-MD5", lower > case "C" restarted the server again it shows I am > using weak ciphers which are not present in the above > property. Any clue ? Exactly which 5.5.x version? There were some bugs in this area but I can't remember the det

Re: Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Jignesh Shah
I tried ciphers="DES-CBC3-SHA,RC4-SHA,RC4-MD5", lower case "C" restarted the server again it shows I am using weak ciphers which are not present in the above property. Any clue ? thanks, Jignesh --- Mark Thomas <[EMAIL PROTECTED]> wrote: > Jignesh Shah wrote: > > I put property > Ciphers="DES

Re: Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Mark Thomas
Jignesh Shah wrote: > I put property Ciphers="DES-CBC3-SHA,RC4-SHA,RC4-MD5". It should be ciphers="DES-CBC3-SHA,RC4-SHA,RC4-MD5" Case is important. mark - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e

Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Jignesh Shah
Hi, Send the messaged first and then someone pointed out that by changing the subject line I was hijacking the message.. sorry for the mistake.. sending the question again: I have following weak ciphers as per Foundstone SSLDIgger in my tomcat(5.5) implemenation: EXP-DES-CBC-SHA EXP-RC4-MD5 DES-

Re: Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Mark Thomas
When starting a new thread (ie sending a message to the list about a new topic) please do not reply to an existing message and change the subject line. This is known as thread hijacking and to many of the list archiving services and mail clients used by list subscribers this makes your new message

Disable ciphers in tomcat 5.5 not working

2007-10-04 Thread Jignesh Shah
Hi, I have following weak ciphers as per Foundstone SSLDIgger in my tomcat(5.5) implemenation: EXP-DES-CBC-SHA EXP-RC4-MD5 DES-CBC-SHA and few strong ones RC4-MD5 RC4-SHA DES-CBC3-SHA now I want to remove support for weak ones. So in server.xml I go and for connector port 8443 for my SSL I put p