Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

t the behavior OP is reporting, here. All the evidence so far points to user error. +1 -chris -Original Message- From: Christopher Schultz Sent: Monday, October 18, 2021 10:14 PM To: users@tomcat.apache.org Subject: Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL N

RE: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

esday, October 19, 2021 2:11 PM To: Tomcat Users List Subject: AW: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL Hello, I can recommend SSLScan for verifying your configuration: https://protect2.fireeye.com/v1/url?k=b3c1d19c-ec5aebd9-b3c19107-867b36d1634c-7180cbae66c5853c&q=1&

AW: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

disabled TLSv1.1 disabled TLSv1.2 enabled TLSv1.3 enabled Greetings, Thomas -Ursprüngliche Nachricht- Von: Mark Thomas Gesendet: Dienstag, 19. Oktober 2021 10:18 An: users@tomcat.apache.org Betreff: Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL On 19/10/2021

Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

From: Christopher Schultz Sent: Monday, October 18, 2021 10:14 PM To: users@tomcat.apache.org Subject: Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL Natraj, On 10/18/21 01:19, Natraj Thekkan wrote: @Mark Thanks for your response. We have tested by removing that line of

RE: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

of TLS version in HTTP2 over HTTPS with OpenSSL Natraj, On 10/18/21 01:19, Natraj Thekkan wrote: > @Mark > Thanks for your response. > > We have tested by removing that line of code, still client able to establish > the connection with server using TLSv1 and TLSv1.

Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

Natraj, On 10/18/21 01:19, Natraj Thekkan wrote: @Mark Thanks for your response. We have tested by removing that line of code, still client able to establish the connection with server using TLSv1 and TLSv1.1. Below one is configured in java.security file. jdk.tls.disabledAlgorithms=

Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

Mark Regards, Natraj -Original Message- From: Mark Thomas Sent: Thursday, October 14, 2021 4:11 PM To: users@tomcat.apache.org Subject: Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL On 14/10/2021 10:28, Natraj Thekkan wrote: Hi, We are using tomcat version 9.0.46. Cou

RE: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

ber 14, 2021 4:11 PM To: users@tomcat.apache.org Subject: Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL On 14/10/2021 10:28, Natraj Thekkan wrote: > Hi, > > We are using tomcat version 9.0.46. > Could you please provide suggestion to restrict the TLS version in HTTP2

Re: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

clients. You should be able to remove to remove the sslHostConfig.setSslProtocol("TLS"); line. It is only used with JSSE. Mark Regards, Natraj From: Natraj Thekkan Sent: Wednesday, October 13, 2021 10:15 AM To: 'users@tomcat.apache.org' Subject: Restriction of TLS version

RE: Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

ion of TLS version in HTTP2 over HTTPS with OpenSSL Hi, We have tried to restrict the TLS version in https connection establishment in embedded tomcat for OpenSSL based implementation. With this part of the code, TLSv1.0/TLSv1.1 client also able to connect with our https server. Please let us k

Restriction of TLS version in HTTP2 over HTTPS with OpenSSL

Hi, We have tried to restrict the TLS version in https connection establishment in embedded tomcat for OpenSSL based implementation. With this part of the code, TLSv1.0/TLSv1.1 client also able to connect with our https server. Please let us know how we can restrict the TLS version in HTTP2 ove