Christopher Schultz-2 wrote > Yup: if you use iptables (ipchains hasn't been used in ... decades?) > to do port-redirection, then you are in fact hitting Tomcat / JVM > (essentially) directly.
Yes - iptables, sorry brain fart. Christopher Schultz-2 wrote > Can you confirm whether or not you are using the OpenSSL provider? How can I verify my provider? Christopher Schultz-2 wrote > What version of OpenSSL are you using? These cipher suites should have > well-known names and numeric identifiers (which is how the TLS > handshake works), but it looks like the cipher suite names are somehow > being confused. OpenSSL 1.0.2g Christopher Schultz-2 wrote > What happens if you narrow your cipher suite list down to a single > cipher? Does ssllabs report just a single available cipher (even if > it's not the one you configured)? > > - -chris Whether I put in a single cipher, literal garbage text, or the list that I want - ssllabs reports the same list of ciphers detected as I posted above. I also get the same cipher on Chrome that is not in the list I'm putting in my configuration as well. -- View this message in context: http://tomcat.10.x6.nabble.com/8-5-11-8-5-14-using-SSLHostConfig-protocols-and-ciphers-list-ignored-tp5062900p5064960.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
