On Wed, Jun 22, 2016 at 10:42 PM, Mark Thomas wrote:
> On 21/06/2016 17:36, Mark Thomas wrote:
>> On 21/06/2016 14:52, Mark Thomas wrote:
>>> On 21/06/2016 14:43, Andrei Ivanov wrote:
>>
>>
>>
21-Jun-2016 13:38:41.122 FINE [https-openssl-apr-8443-exec-6]
org.apache.tomcat.util.net.AprEn
Mark,
Thanks for the hint! I added the following line to my connector and it did the
trick!
ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CB
On 21/06/2016 17:36, Mark Thomas wrote:
> On 21/06/2016 14:52, Mark Thomas wrote:
>> On 21/06/2016 14:43, Andrei Ivanov wrote:
>
>
>
>>> 21-Jun-2016 13:38:41.122 FINE [https-openssl-apr-8443-exec-6]
>>> org.apache.tomcat.util.net.AprEndpoint$AprSocketWrapper.fillReadBuffer
>>> An APR general err
On 22/06/2016 16:47, James Wiley wrote:
> Hi Tomcat Users,
>
> Has anyone run into any issues supporting SSL using the JSSE Connector when
> upgrading from 7.0.68 to 7.0.69?
>
> I help maintain a web application that uses tomcat7. A recent upgrade from
> 7.0.68 to 7.0.69 has caused the tomcat7
Hi Tomcat Users,
Has anyone run into any issues supporting SSL using the JSSE Connector when
upgrading from 7.0.68 to 7.0.69?
I help maintain a web application that uses tomcat7. A recent upgrade from
7.0.68 to 7.0.69 has caused the tomcat7 instance to throw an “Error during SSL
Handshake” wi
- On Jun 22, 2016, at 1:52 PM, Bernd Lentes
bernd.len...@helmholtz-muenchen.de wrote:
> Hi,
>
> i changed maxHttpHeaderSize in server.xml following the recommendation in
> CVE-2016-3092.
> I changed it to 2048 bytes.
>
>connectionTimeout="2"
> redirectPor
Hi,
i changed maxHttpHeaderSize in server.xml following the recommendation in
CVE-2016-3092.
I changed it to 2048 bytes.
On 22/06/2016 11:29, Mark Thomas wrote:
> On 22/06/2016 09:28, Markus Näher wrote:
>> In the web console of firefox, I could see that the session cookie was
>> set with the path /jsf%5ftest, while other cookies (set by myfaces) were
>> correctly set with the path /jsf_test.
>> It looks like firefo
On 22/06/2016 09:28, Markus Näher wrote:
> Hi,
>
> I'm working on a JSF (myfaces) project that runs on Tomcat. First I
> thought it was a myfaces issue, but they told me that the container is
> responsible for the session cookie, so now I'm here :-)
That is correct. To a point. There are some thi
Note: This announcement corrects several errors and omissions in the
Tomcat aspects of the announcement for CVE-2016-3092 from the Apache
Commons project that was recently forwarded to various Apache Tomcat
mailing lists.
For the sake of clarity, the Tomcat specific corrections are as follows:
1.
Hi,
I'm working on a JSF (myfaces) project that runs on Tomcat. First I thought it was a myfaces issue,
but they told me that the container is responsible for the session cookie, so now I'm here :-)
I've created a minimal JSF test project and I called it jsf_test. When I open the tomcat manage
11 matches
Mail list logo