On 3/11/2022 9:40 AM, Rob Sargent wrote:
On Mar 11, 2022, at 8:17 AM, Thomas Hoffmann (Speed4Trade GmbH)
wrote:
-Ursprüngliche Nachricht-
Von: Rob Sargent
Gesendet: Freitag, 11. März 2022 15:14
An: Tomcat Users List
Betreff: Re: correct usage of properties to supply database
Torsten,
On 3/11/22 06:03, Torsten Krah wrote:
It seems to me you are listing a cipher that might be correct
according to the OpenSSL documentation, but then whether that is
available to your JVM may be different.
That is for sure not the problem - just use the "ciphers.sh" from the
binary
Greetings!
I have a problem, possibly (or not) tied to the Tomcat-JDBC Pool. Here
is the rundown:
Application Server: Apache Tomcat 9.0.56
JDBC Connection Pool: org.apache.tomcat.jdbc.pool.DataSource; Tomcat-JDBC
9.0.56
Oracle Version: Oracle Database 19c Enterprise Edition Release 19.0.0.0.0
> On Mar 11, 2022, at 8:17 AM, Thomas Hoffmann (Speed4Trade GmbH)
> wrote:
>
>
>
>> -Ursprüngliche Nachricht-
>> Von: Rob Sargent
>> Gesendet: Freitag, 11. März 2022 15:14
>> An: Tomcat Users List
>> Betreff: Re: correct usage of properties to supply database port
>>
>>
>>
> -Ursprüngliche Nachricht-
> Von: Rob Sargent
> Gesendet: Freitag, 11. März 2022 15:14
> An: Tomcat Users List
> Betreff: Re: correct usage of properties to supply database port
>
>
>
> > On Mar 11, 2022, at 6:50 AM, Mark H. Wood wrote:
> >
> > On Thu, Mar 10, 2022 at 09:40:48AM
> On Mar 11, 2022, at 6:50 AM, Mark H. Wood wrote:
>
> On Thu, Mar 10, 2022 at 09:40:48AM -0700, Rob Sargent wrote:
>> About context/context/value: I have this context.xml. Is the value
>> correctly inside the outer Context?
>>
>>
>>
>> > name="jdbc/sgsdb/tbar"
>>
On Thu, Mar 10, 2022 at 09:40:48AM -0700, Rob Sargent wrote:
> About context/context/value: I have this context.xml. Is the value
> correctly inside the outer Context?
>
>
>
> name="jdbc/sgsdb/tbar"
> url="jdbc:postgresql://localhost:5432:/tbar"
>
> It seems to me you are listing a cipher that might be correct
> according to the OpenSSL documentation, but then whether that is
> available to your JVM may be different.
That is for sure not the problem - just use the "ciphers.sh" from the
binary directory of tomcat which will list you all
CONFIDENTIAL & RESTRICTED
Hello Torsten.
It seems to me you are listing a cipher that might be correct according to the
OpenSSL documentation, but then whether that is available to your JVM may be
different.
Maybe you can run some small java application on the very same JVM to simply
list the
> -Ursprüngliche Nachricht-
> Von: Torsten Krah
> Gesendet: Freitag, 11. März 2022 10:30
> An: users@tomcat.apache.org
> Betreff: Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)
>
> Am Freitag, dem 11.03.2022 um 09:17 + schrieb Thomas Hoffmann
> (Speed4Trade
Am Freitag, dem 11.03.2022 um 09:17 + schrieb Thomas Hoffmann
(Speed4Trade GmbH):
> The configuration which works for me is:
>
> protocol="org.apache.coyote.http11.Http11NioProtocol"
>
>
> sslImplementationName="org.apache.tomcat.util.net.openssl.OpenSSLImpl
> ementation"
>
>
Am Freitag, dem 11.03.2022 um 10:09 +0100 schrieb Torsten Krah:
> So it seems like a bug to me, right?
I had a quick look on the JNI SSLContext code + the native
implementation:
TCN_IMPLEMENT_CALL(jboolean, SSL, setCipherSuites)(TCN_STDARGS, jlong ssl,
> -Ursprüngliche Nachricht-
> Von: Torsten Krah
> Gesendet: Freitag, 11. März 2022 10:01
> An: users@tomcat.apache.org
> Betreff: Re: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)
>
> Am Freitag, dem 11.03.2022 um 08:52 + schrieb Thomas Hoffmann
> (Speed4Trade
Am Freitag, dem 11.03.2022 um 09:50 +0100 schrieb Torsten Krah:
> (error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)
Reading that message and looking at:
https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites
there it is written that with TLS 1.3:
Applications should use the
Am Freitag, dem 11.03.2022 um 08:52 + schrieb Thomas Hoffmann
(Speed4Trade GmbH):
> Hello,
>
> the protocol attribute looks a bit strange.
>
> I think it should be:
>
> protocols="+TLSv1.2,+TLSv1.3">
I tried standalone TLS 1.3 like you suggested:
protocols="+TLSv1.3"
still the same
> -Ursprüngliche Nachricht-
> Von: Torsten Krah
> Gesendet: Freitag, 11. März 2022 09:35
> An: users@tomcat.apache.org
> Betreff: Tomcat 9.0.59 - TLS 1.3 cipher configuration ignored (TLS 1.2 ok)
>
> Hi,
>
> I am using Tomcat 9.0.59 and configured it like that:
>
>
>
Interesting exception on startup when using TLS 1.3 only - configured
the connector like this:
using only TLS 1.3 and the configured ciphers but now I get this on startup:
11-Mar-2022 09:43:42.753 WARNUNG [main]
org.apache.tomcat.util.net.openssl.OpenSSLContext.init Fehler beim
Hi,
I am using Tomcat 9.0.59 and configured it like that:
...
Output is:
[main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded
Apache Tomcat Native library [1.2.31] using APR version [1.7.0].
[main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR
18 matches
Mail list logo
