Thanks Markus. Now a different issue is occurring. One specific version of the URL is using TLS 1.0.
https://server.domain.com On Thu, Mar 5, 2020 at 10:44 AM i...@flyingfischer.ch <i...@flyingfischer.ch> wrote: > Try SSLProtocol="TLSv1.2" (mind the case) instead of sslProtocol="-all > +TLSv1.2". > > Had this issue too. The connector parameters for SSL are a huge mess and > have been changed constantly. > > Best > Markus > > Am 05.03.20 um 19:30 schrieb rugman66 .: > > Hello, > > > > > > > > I have both Apache and Tomcat running on the same RHEL. I have > successfully > > configured Apache to use OpenSSL TLSv1.2, but I cannot get Tomcat to use > > TLSv1.2. Tomcat for some reason > > > > will only use TLV 1.0, and that is no good. No matter what parameter I > set > > in the server.xml sslProtocol directive it won’t change. Seems like it’s > > getting that directive somewhere else but I can't locate. > > > > > > > > <Connector > > > > port="8443" > > > > scheme="https" > > > > secure="true" > > > > protocol="org.apache.coyote.http11.Http11AprProtocol" > > > > SSLEnabled="true" > > > > > SSLCertificateFile="/auto/englearn-web/ssl_certificate/server.cer" > > > > > > SSLCertificateChainFile="/auto/englearn-web/ssl_certificate/chain.cer" > > > > > > SSLCertificateKeyFile="/auto/englearn-web/ssl_certificate/server.key" > > > > SSLCipherSuite="RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW" > > > > SSLHonorCipherOrder="true" > > > > maxThreads="150" > > > > clientAuth="false" > > > > sslProtocol="-all +TLSv1.2" > > > > /> > > > > > > > > OpenSSL 1.0.2d > > > > Tomcat 7.0.39 (I know it’s old, but it's what I have to work with at this > > time) > > > > > > Thank you for any insight. > > > > -John > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
