> -----Original Message-----
> From: Thomas Hoffmann (Speed4Trade GmbH)
> <thomas.hoffm...@speed4trade.com.INVALID>
> Sent: Thursday, 7 July 2022 19:23
> To: Tomcat Users List <users@tomcat.apache.org>
> Subject: AW: SSL handshake failure logs required for auditing purpose
>
> Hello Raghav,
>
> > -----Original Message-----
> > From: Ragavendhiran Bhiman (rabhiman) <rabhi...@cisco.com.INVALID>
> > Sent: Thursday, 7 July 2022 18:13
> > To: Tomcat Users List <users@tomcat.apache.org>
> > Subject: Re: SSL handshake failure logs required for auditing purpose
> >
> > Version of Tomcat used: 9.0.x.
> > Kindly help on the SSL logging for auditing purpose other than -D
> > javax.net option.
> >
> > From: Ragavendhiran Bhiman (rabhiman) <rabhi...@cisco.com.INVALID>
> > Date: Thursday, 7 July 2022 at 9:41 PM
> > To: users@tomcat.apache.org <users@tomcat.apache.org>
> > Subject: SSL handshake failure logs required for auditing purpose
> >
> > Hi All,
> >
> > I require your kind help in logging the SSL connection failure logs,
> > including IP, in Tomcat. Is there any best way to do it without
> > performance impact other than -Djava.net debugs in jdk? Is there any
> > direct way from Tomcat? Or any way we can derive any class from JSSE
> > extension classes and add HandShakeListener while using the
> > connectors? All our SSL connections are going through connectors. So
> > kindly need your help how to log those SSL connection auditing logs
> > through best method.
> > Thanks a lot in advance.
> >
> > Regards,
> > Raghav
>
> Which OS are you using?
> Can you use Wireshark or TCPDump for your purposes?
> If you are using Chrome or FF as client, you can set the environment variable
> SSLKEYLOGFILE to write the current key to a file which Wireshark can take to
> decrypt the traffic.
>
> The handshake itself is not encrypted. If the handshake is enough, TCPDump
> or Wireshark are sufficient.
>
> Greetings,
> Thomas

Short Addendum:
1) Do you want to write the log permanently or just for an audit session?
2) Which details do you want to log? Agreed cipher? Offered ciphers by the client? SNI-header? ...?
3) What is the purpose of the logging? Insecure ciphers can be mitigated by server configuration.
AW: SSL handshake failure logs required for auditing purpose
Thomas Hoffmann (Speed4Trade GmbH) Thu, 07 Jul 2022 10:36:34 -0700
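As an added illustration of the message above (example code, not part of the thread and not Tomcat code): because the ClientHello and an early fatal alert travel unencrypted, a capture taken with tcpdump or Wireshark is enough to build an audit line with the client IP, SNI, offered ciphers and failure reason. The function names, the log format and the sample bytes are assumptions made for this example; it expects the first TLS record of each direction, already reassembled, with the whole ClientHello in one record.

```python
import struct

ALERTS = {40: "handshake_failure", 42: "bad_certificate", 48: "unknown_ca", 70: "protocol_version"}
SAMPLE_ALERT = b"\x15\x03\x03\x00\x02\x02\x28"   # constructed: fatal (2), handshake_failure (40)

def parse_client_hello(rec: bytes) -> dict:
    """Return offered cipher suites and SNI from one plaintext ClientHello record."""
    if len(rec) < 9 or rec[0] != 22 or rec[5] != 1:  # 22 = handshake, 1 = ClientHello
        raise ValueError("not a ClientHello record")
    p = 5 + 4 + 2 + 32                   # record header, handshake header, version, random
    p += 1 + rec[p]                      # skip session id
    (n,) = struct.unpack_from("!H", rec, p)
    ciphers = [f"0x{c:04x}" for c in struct.unpack_from(f"!{n // 2}H", rec, p + 2)]
    p += 2 + n
    p += 1 + rec[p]                      # skip compression methods
    sni = None
    if p + 2 <= len(rec):                # extensions are optional
        (total,) = struct.unpack_from("!H", rec, p)
        p, end = p + 2, min(p + 2 + total, len(rec))
        while p + 4 <= end:
            etype, elen = struct.unpack_from("!HH", rec, p)
            if etype == 0:               # server_name: list len, name type, name len, name
                (nlen,) = struct.unpack_from("!H", rec, p + 7)
                sni = rec[p + 9:p + 9 + nlen].decode("ascii", "replace")
            p += 4 + elen
    return {"ciphers": ciphers, "sni": sni}

def parse_alert(rec: bytes):
    # Plaintext alert record: type 21, version, length 2, then level and description.
    ok = len(rec) >= 7 and rec[0] == 21 and rec[3:5] == b"\x00\x02"
    return ALERTS.get(rec[6], f"alert_{rec[6]}") if ok else None

def audit_line(client_ip: str, from_client: bytes, from_server: bytes) -> str:
    """Build one audit log line from the first bytes seen in each direction."""
    try:
        hello = parse_client_hello(from_client)
    except (ValueError, IndexError, struct.error):   # truncated or non-TLS input
        hello = {"ciphers": [], "sni": None}
    result = parse_alert(from_server) or "no_plaintext_alert"
    return (f"tls_handshake client={client_ip} sni={hello['sni']} "
            f"offered={','.join(hello['ciphers'])} result={result}")

def sample_hello() -> bytes:             # constructed sample, not captured traffic
    sni = b"shop.example.test"
    ext = struct.pack("!HHHBH", 0, len(sni) + 5, len(sni) + 3, 0, len(sni)) + sni
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x04\x00\x2f\xc0\x2f" + b"\x01\x00"
            + struct.pack("!H", len(ext)) + ext)
    return struct.pack("!BHHB", 22, 0x0301, len(body) + 4, 1) + len(body).to_bytes(3, "big") + body

print(audit_line("203.0.113.7", sample_hello(), SAMPLE_ALERT))
```

An alert sent after the handshake keys are in place is encrypted and shows up here only as `no_plaintext_alert`.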