Diarmuid, On 27.8.2015 22:31, dmccrthy wrote:
* our non-production server with the same versions of all client software connects with no errors to a non-production instance of the same 3rd party service using the same cipher suite. So the tool we're using is our 3rd party client Web app (the "Tomcat client"). It shows the same negotiation from TLSv1.2 down to TLSv1. My reading of your comments is that the truststore/keystore has no bearing here because it's an outgoing client connection and there are no inbound connections at play.
There are too many differences between working and non-working environments: client, firewall and server. Could you narrow that down? Could you connect from non-production client to production server, and vice versa? Could you move production client to non-production firewall, or non-production client to production firewall?
-Ognjen --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
