uma...@comcast.net wrote: > Yes I saw that statement in the document. I was hoping > someone here could tell me identify the default ciphers used > by JDK6 (which is what I use under Tomcat6). > > This info seems basic enough; but I am unable to find it.
Hmm. It doesn't seem that you looked that hard. > I understand this is Tomcat list - I hope I do not get flamed for > asking a JDK question. http://java.sun.com/javase/6/docs/ "Security" leads to http://java.sun.com/javase/6/docs/technotes/guides/security/index.html "Standard Algorithm Names" leads to http://java.sun.com/javase/6/docs/technotes/guides/security/StandardNames.html and finally "Additional JSSE Standard Names" leads to http://java.sun.com/javase/6/docs/technotes/guides/security/StandardNames.html#jssenames# You could also have just searched the archives for the users list. Searching for "default ciphers" would have found this: http://tomcat.markmail.org/search/default+ciphers+list:org%2Eapache%2Etomcat%2Eusers Ignoring your thread, the answer you want is the first one in the list. Mark > > Regards, > > /U > ----- Original Message ----- > From: Charles R Caldarale > To: Tomcat Users List > Sent: Fri, 23 Oct 2009 03:09:34 +0000 (UTC) > Subject: RE: Default SSL ciphers supported by Tomcat 6 > >> From: uma...@comcast.net [mailto:uma...@comcast.net] >> Subject: Default SSL ciphers supported by Tomcat 6 >> >> I am looking for the default set of SSL(v3) ciphers supported by >> Tomcat 6.0.x. > > It's in the doc: > > "ciphers > > "The comma separated list of encryption ciphers that this socket is allowed > to use. By default, the default ciphers for the JVM will be used. Note that > this usually means that the weak export grade ciphers will be included in the > list of available ciphers. The ciphers are specified using the JSSE cipher > naming convention." > > http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html > > Tomcat does not include any encryption capability of its own, unless you're > using APR. For that, you'll need to look at the OpenSSL doc. > > - Chuck > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > MATERIAL and is thus for use only by the intended recipient. If you received > this in error, please contact the sender and delete the e-mail and its > attachments from all computers. > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
