Re: tcnative CVE-2015-4000 (Logjam)

2015-06-15 Thread Arthur Ramsey
I haven't, that would have helped a while back. Did that exist back when Heartbleed was discovered? On 06/15/2015 10:28 AM, Mark Thomas wrote: On 15/06/2015 16:22, Arthur Ramsey wrote: Agreed, I probably wouldn't trust some random binary :P, but documentation is fairly lacking o

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-15 Thread Arthur Ramsey
On 06/15/2015 09:50 AM, Christopher Schultz wrote: Arthur, On 6/13/15 8:42 PM, Arthur Ramsey wrote: I have working binaries for Linux x64 and Windows x64 if anyone needs them. Thanks for offering, but: 1. Anyone running Linux should be able to

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-13 Thread Arthur Ramsey
I have working binaries for Linux x64 and Windows x64 if anyone needs them. It should still work with newer versions of Tomcat 7 providing the SSLProtocol is set to TLSv1? The Windows binary has SSLv2 and SSLv3 disabled at compile time. On 6/13/2015 3:30 PM, Arthur Ramsey wrote: Building

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-13 Thread Arthur Ramsey
Building the latest from svn branch 1.1.x seems to work. I had to do some modifications to get TLSv1.1 and TLSv1.2 when using SSLProtocol="all" because I'm using Tomcat 7.0.55. Thanks for the help, Arthur On 6/11/2015 3:34 PM, Arthur Ramsey wrote: On 06/11/2015 02:35

Re: tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Arthur Ramsey
On 06/11/2015 02:35 PM, Christopher Schultz wrote: Arthur, On 6/11/15 2:14 PM, Arthur Ramsey wrote: Is anyone aware of a way to mitigate the Logjam attack with Tomcat 7 and Java 7? Disable DHE_EXPORT on the server? I believe I have, but Qualys

tcnative CVE-2015-4000 (Logjam)

2015-06-11 Thread Arthur Ramsey
Is anyone aware of a way to mitigate the Logjam attack with Tomcat 7 and Java 7? I use tcnative and openssl-1.0.2a both compiled from source in production today, but I would be open to JSSE too. I believe I need Java 8 to mitigate CVE-2015-4000 with JSSE. I don't see any way to use a unique 2