Please see: https://community.qualys.com/thread/11882 Disable the weak ciphers.
The Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy is needed when you want to run AES256 (you want this). Regards, Harrie On 21 September 2016 at 12:18, Román Valoria <romanvalo...@gmail.com> wrote: > Dear all: > > I need to configure Tomcat 7.0.65 with Java 6, both 64-bit. > > I have managed to make it work with update 121 in using the SSL protocol > TLS 1.2. > > Now I need to exert some control over the cipher suites used on that > protocol. > > I am unable to come up with the list of supported cipher suite names to > use. > > Both JRE and JDK are in: > > https://support.oracle.com/epmos/faces/PatchResultsNDetails?patchId= > 9553040 > > I am using both the Java 6 and 7 documentation to come up with the cipher > suite names: > > Java Cryptography Architecture Sun ProvidersDocumentation > <http://docs.oracle.com/javase/6/docs/technotes/ > guides/security/SunProviders.html> > > > Java PKCS#11 Reference Guide > <http://docs.oracle.com/javase/6/docs/technotes/ > guides/security/p11guide.html#ALG> > > > Standard Algorithm Name Documentation > <http://docs.oracle.com/javase/7/docs/technotes/ > guides/security/StandardNames.html#Cipher> > > > Java Cryptography Architecture Oracle ProvidersDocumentation > <http://docs.oracle.com/javase/7/docs/technotes/ > guides/security/SunProviders.html#SunJSSEProvider> > > > As per the above I even tried downloading the Java Cryptography Extension > for Java 6 from: > > Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy > Files 6 > <http://www.oracle.com/technetwork/java/embedded/ > embedded-se/downloads/jce-6-download-429243.html> > > > But that is for 32-bit and failed anyway. > > Am I missing something? > > Thanks and regards. >
