Hello,
I have both Apache and Tomcat running on the same RHEL. I have successfully
configured Apache to use OpenSSL TLSv1.2, but I cannot get Tomcat to use
TLSv1.2. Tomcat for some reason
will only use TLV 1.0, and that is no good. No matter what parameter I set
in the server.xml sslProtocol directive it won’t change. Seems like it’s
getting that directive somewhere else but I can't locate.
<Connector
port="8443"
scheme="https"
secure="true"
protocol="org.apache.coyote.http11.Http11AprProtocol"
SSLEnabled="true"
SSLCertificateFile="/auto/englearn-web/ssl_certificate/server.cer"
SSLCertificateChainFile="/auto/englearn-web/ssl_certificate/chain.cer"
SSLCertificateKeyFile="/auto/englearn-web/ssl_certificate/server.key"
SSLCipherSuite="RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW"
SSLHonorCipherOrder="true"
maxThreads="150"
clientAuth="false"
sslProtocol="-all +TLSv1.2"
/>
OpenSSL 1.0.2d
Tomcat 7.0.39 (I know it’s old, but it's what I have to work with at this
time)
Thank you for any insight.
-John
