Hi All,
I am in process of migrating my application from tomcat 7.0.70 to 8.5.5 and
getting some issues
My connector settings of 7.0.70 is
<Connector port="443"
protocol="HTTP/1.1"
SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
keystoreFile="conf/my-server.keystore"
keystorePass="changeit"
keystoreType="jks"
compression="on"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css,application/x-javascript,application/javascript"
address="<address>"
ciphers="TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA"
clientAuth="false"
sslProtocol="TLS"
sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
maxPostSize="10485760" />
And connector settings of 8.5.5 is
<Connector port="443"
protocol="org.apache.coyote.http11.Http11NioProtocol"
SSLEnabled="true"
maxThreads="150"
scheme="https"
secure="true"
compression="on"
compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css,application/x-javascript,application/javascript"
address="<address>"
maxPostSize="10485760" >
<SSLHostConfig sslProtocol="TLS"
protocols="TLSv1,TLSv1.1,TLSv1.2"
ciphers="TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA">
<Certificate
certificateKeystoreFile="conf/my-server.keystore"
certificateKeystorePassword="changeit"
certificateKeystoreType="jks"
certificateKeyAlias="tomcat"
certificateVerification="true" />
</SSLHostConfig>
</Connector>
Things are working fine with tomcat 7.0.70 but with tomcat 8.5.5, while
accessing application in browser, I am getting message
"This site can't provide a secure connection
localhost uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH"
What is the mistake I am doing in migration.
Please help
Regards
Manish
