Thanks to all, for both satisfying my morbid curiosity and verifying
that it's the customer's problem, not mine.
--
JHHL
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@
On Wed, Jan 06, 2021 at 03:34:17PM -0800, James H. H. Lampert wrote:
> We just had our first Tomcat 8.5 installation on a customer's AS/400.
>
> The customer apparently has his own CA (they're a big company), and when
> I installed SSL in their Tomcat, and tested it with a browser, it
> complain
James,
> Am 07.01.2021 um 00:34 schrieb James H. H. Lampert :
>
> We just had our first Tomcat 8.5 installation on a customer's AS/400.
>
> The customer apparently has his own CA (they're a big company), and when I
> installed SSL in their Tomcat, and tested it with a browser, it complained,
On 1/6/21 3:46 PM, Robert Turner wrote:
You'll want to set the protocols, ciphers, and honorCipherOrder ...
The precise wording in the error message is:
. . . but the server presented a certificate signed using a weak
signature algorithm (such as SHA-1). . . .
Which is to say, it doesn't sou
You'll want to set the protocols, ciphers, and honorCipherOrder attributes
on either the Connector or the SSLHostConfig objects in your server.xml
file to restrict the available TLS/SSL protocols and ciphers available to
avoid using weak ones.
See the documentation here for details:
https://tomcat
We just had our first Tomcat 8.5 installation on a customer's AS/400.
The customer apparently has his own CA (they're a big company), and when
I installed SSL in their Tomcat, and tested it with a browser, it
complained, something to the general effect of "weak signature algorithm."
While it'