2013/3/5 Brijesh Deo <b...@sonicwall.com>:
> Hi,
> Is there a way to make TLS 1.1 required for https connection with Tomcat
> server? I am currently on Tomcat 6.0.32 with JRE 1.7 on Windows 7. I tried
> setting [sslProtocol="TLSv1.1"] in the Connector definition in server.xml but
> that did not stop TLS 1.0 connections from being accepted. I am not using
> OpenSSL and instead using JSSE as the TLS provider.
> Is it possible to do it this way? Or do I need to upgrade to Tomcat 7.0 to be
> able to allow only TLS 1.1 connections with https? Please let me know how to
> do this.

1. If you are brave enough to use Java 7, I would recommend using Tomcat 7.0
with it. There were a number of fixes in Tomcat connectors to allow use of
Java 7, e.g. in 6.0.34.

2. If TLS 1.1 uses different ciphers, maybe you can configure the list of
ciphers to be limited to those ones. (I have not tried, just an idea.)

3. Beware of issue 54406.
https://issues.apache.org/bugzilla/show_bug.cgi?id=54406

Best regards,
Konstantin Kolinko
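
The behaviour reported in the question can be inspected at the JSSE level. The following is an added example, not part of the thread and not Tomcat's own code: it prints which protocol versions a server-side `SSLEngine` built from a `TLSv1.1` context has enabled by default, then narrows the list with `setEnabledProtocols`. The class name `EnabledProtocolsCheck` and its helper methods are hypothetical, and the output depends on the JRE version and its security configuration.

```java
import java.util.Arrays;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;

public class EnabledProtocolsCheck {

    // Builds a server-mode engine from the same name the question used
    // in sslProtocol. No socket is opened and no handshake takes place.
    static SSLEngine serverEngine(String contextName) throws Exception {
        SSLContext ctx = SSLContext.getInstance(contextName);
        ctx.init(null, null, null); // default key managers, trust managers, RNG
        SSLEngine engine = ctx.createSSLEngine();
        engine.setUseClientMode(false);
        return engine;
    }

    // Enables exactly one protocol version; fails loudly if this JRE
    // does not implement it, rather than silently keeping the old list.
    static void restrictTo(SSLEngine engine, String protocol) {
        if (!Arrays.asList(engine.getSupportedProtocols()).contains(protocol)) {
            throw new IllegalStateException(protocol + " is not supported by this JRE");
        }
        engine.setEnabledProtocols(new String[] { protocol });
    }

    public static void main(String[] args) throws Exception {
        SSLEngine engine = serverEngine("TLSv1.1");

        System.out.println("supported:          "
                + Arrays.toString(engine.getSupportedProtocols()));
        // If this list contains TLSv1, the context name alone did not
        // restrict the server to TLS 1.1.
        System.out.println("enabled by default: "
                + Arrays.toString(engine.getEnabledProtocols()));

        restrictTo(engine, "TLSv1.1");
        System.out.println("after restriction:  "
                + Arrays.toString(engine.getEnabledProtocols()));
    }
}
```

Which connector attribute feeds this enabled-protocols list depends on the Tomcat version; check the SSL section of the HTTP connector documentation for the version in use.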