https://issues.apache.org/bugzilla/show_bug.cgi?id=57234
--- Comment #2 from Konstantin Kolinko <knst.koli...@gmail.com> --- > I didn't check to see if SSLv2Hello is returned by > socket.getEnabledProtocols() It is possible to turn on logging with org.apache.tomcat.util.net.jsse.JSSESocketFactory.level = FINE In my experiments SSLv2Hello is listed as present and excluded by protocol name filtering (running with Oracle JDK 8u25). According to [2] Java 7 clients do not have SSLv2Hello enabled by default. Is there anything (non having EOL status) actively using it? Do "generic purpose" web servers (configured by default) need it? It can be enabled with explicit configuration. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
