Chris,
I already posted solution.
I had to set unlimited strength cryptography policy.
Unlimited strength JCE is available from Sun on same download page as JDK.
There are 2 jar files that must be copied in $JDK_HOME/jre/lib/secuirty
It so simple.
Regards,
Max
Christopher Schultz wrote:
---
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Max,
Max Sevenfold wrote:
| Chris,
|
| Thank You. I just got solution from colleague. I was going to post it
here.
Yes, please post your solution, including complete instructions.
Post it under a new thread so folks who haven't been reading this on
Chris,
Thank You. I just got solution from colleague. I was going to post it here.
Installing unlimited strength cryptography policy fixed the problem.
Cipher I posted is from Java6.
I think all Tomcats with SSL must be running with such policy now.
May be it is good to post it to tomcats ssl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Max,
Max Sevenfold wrote:
| compression="on"
| compressionMinSize="2048"
| noCompressionUserAgents="gozilla, traviata"
|
compressableMimeType="text/html,text/xml,text/javascript,text/css,text/javascript,text/
Chris,
tomcat 6.0.14
java 6
compressableMimeType="text/html,text/xml,text/javascript,text/css,text/javascript,text/plain"
ciphers="TLS_RSA_WITH_AES_256_CBC_SHA"
keystoreFile="conf/keystore"
keystorePass="changeit"
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Max,
Max Sevenfold wrote:
| Right now I am using pure Java solution with keystore.
| I am debating to move to APR.
What version of Tomcat are you using? Can you post your
configuration from server.xml? That would be very helpful in diagnosing
your
Right now I am using pure Java solution with keystore.
I am debating to move to APR.
Thanks,
Max
On Feb 5, 2008 5:21 PM, Christopher Schultz <[EMAIL PROTECTED]>
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Max,
>
> Max Sevenfold wrote:
> | I woul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Max,
Max Sevenfold wrote:
| I would like to disable low grade encryption in Tomcat.
Are you using Tomcat's native APR library?
- -chris
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla -
Hello,
I would like to disable low grade encryption in Tomcat.
I have cert that uses 256/1024bit encryption with Apache but same cert
with tomcat uses
128/768bit encryption.
The problem is public key size 768 bit that is no more considered secure
by Opera.
The problem was discussed here
