would be enough to convince them I don't need to use
>the javax.net.debug=ssl:handshake sledge-hammer.
>
>What version will this be in?
Next 9.0.x and 8.5.x releases.
Mark
>
>Mark Boon
>
>From: Mark Thomas
>Sent: Wednesday, July 31, 2019 8:47
m: Mark Thomas
Sent: Wednesday, July 31, 2019 8:47 AM
To: users@tomcat.apache.org
Subject: Re: Can Tomcat log handshake failures, and where?
On 30/07/2019 08:28, Mark Thomas wrote:
> Generally, processing needs to get as far as presenting a request line
> before something is added to the
On 30/07/2019 08:28, Mark Thomas wrote:
> Generally, processing needs to get as far as presenting a request line
> before something is added to the access logs. We could look at expanding
> the access logging to include connections that are dropped earlier but
> that might be a sufficiently inva
ake. But I want
to log just the failure, and not the fire-hose amount of information this gives
me for every successful handshake.
Mark
From: Christopher Schultz
Sent: Tuesday, July 30, 2019 8:13 AM
To: users@tomcat.apache.org
Subject: Re: Can Tomcat log ha
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 7/29/19 17:45, Mark Boon wrote:
> Apparently for compliance reasons we're required to log any failed
> connection attempt. So I'd like to know if and how I can get
> Tomcat to emit such information.
I'd try to get some clarification on tha
On 29/07/2019 22:45, Mark Boon wrote:
> We're using Tomcat 8.5 + Java 8.
>
> When I do something like openssl s_client -cipher ECDHE-RSA-NULL-SHA
> -connect :443
> (where obviously ECDHE-RSA-NULL-SHA is not specified in my cipher list on the
> Tomcat server) the message on the client side is
>
We're using Tomcat 8.5 + Java 8.
When I do something like openssl s_client -cipher ECDHE-RSA-NULL-SHA -connect
:443
(where obviously ECDHE-RSA-NULL-SHA is not specified in my cipher list on the
Tomcat server) the message on the client side is
140701349295768:error:14077410:SSL routines:SSL23_G