Hello Chuck, Thanks for replying, I understood this is old, our product has already upgraded to latest version, but somehow, some of our users are still in such old stage, they do not plan uptake now but they want disable SSL V3 as everybody know this is big security vulnerability.
*so now the important thing is how I can disable SSL V3 on Tomcat 6.0.18.0? I cannot find the solution* Jammy 2015-01-29 22:00 GMT+08:00 Caldarale, Charles R <chuck.caldar...@unisys.com> : > > From: Jammy Chen [mailto:jamm...@gmail.com] > > Subject: How-to disable SSL V3 on Tomcat 6.0.18.0 > > > Do everybody knows how-to disable SSL v3 in older tomcat version > > > Server version: Apache Tomcat/6.0.18 > > Server built: Jul 22 2008 02:00:36 > > Yes - move up to a current level and read the docs. > > Seriously, if you're using a Tomcat of that vintage (this one is more than > 6.5 years old), you have a lot more security issues to worry about than > SSLv3. It's irresponsible not to upgrade. > > > OS Name: Windows 2003 > > A few months from end-of-life. > > > JVM Version: 1.6.0-b105 > > Two years past end-of-life. > > Is there a pattern here? > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you > received this in error, please contact the sender and delete the e-mail and > its attachments from all computers. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
