-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Nikitha,
On 8/5/15 6:52 AM, Nikitha Benny wrote:
Thank you for your valuable suggestion.
I just ran the openssl s_client scan, and it looks like the server
side is running fine on *TLSv1.2* Protocol.
[root]## *openssl s_client -connect
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sanaullah,
On 8/5/15 5:54 AM, Sanaullah wrote:
run the sslscan tool from the command line
https://github.com/rbsec/sslscan
I haven't used that tool in a very long time, because it never updated
to support newer protocols (like TLS, I think).
Hi Mark,
When I try to run Tomcat on the https server port:
*https://ip address:8444/*
It says as below:
--
*SSL connection error*
*ERR_SSL_PROTOCOL_ERROR*
*Unable to make a secure connection to the server. This may be a problem
with the server, or it may be requiring a client
On 05/08/2015 07:32, Nikitha Benny wrote:
Hi Mark,
When I try to run Tomcat on the https server port:
*https://ip address:8444/*
It says as below:
--
*SSL connection error*
*ERR_SSL_PROTOCOL_ERROR*
*Unable to make a secure connection to the server. This may be a problem
Hi Mark,
My server is not on a public domain.
How can i verify the setup which is on a private network?
Regards,
Nikitha
On Wed, Aug 5, 2015 at 2:14 PM, Mark Thomas ma...@apache.org wrote:
On 05/08/2015 07:32, Nikitha Benny wrote:
Hi Mark,
When I try to run Tomcat on the https server
Hi Nikhita,
run the sslscan tool from the command line or openssl s_client in debug mode
https://github.com/rbsec/sslscan
Regards,
Sanaullah
On Wed, Aug 5, 2015 at 2:23 PM, Nikitha Benny nikki.be...@gmail.com wrote:
Hi Mark,
My server is not on a public domain.
How can i verify the setup
Hi Mark, Sanaullah,
Thank you for your valuable suggestion.
I just ran the openssl s_client scan, and it looks like the server side is
running fine on *TLSv1.2* Protocol.
[root]## *openssl s_client -connect 16.183.93.84:8444
http://16.183.93.84:8444*
CONNECTED(0003)
- - - - - - -
- - - -
run this command with debugging prints.
openssl s_client -connect 16.183.93.84:8444 -debug -msg
Protocol : *TLSv1.2*
Cipher:
it seems something broken as there is no Cipher
Regards,
Sanaullah
On Wed, Aug 5, 2015 at 3:52 PM, Nikitha Benny nikki.be...@gmail.com wrote:
Hi Mark,
Hi Sanaullah,
That is because we have removed the entire ciphers attribute from the
server.xml file.
But that should be fine as the non complaint FIPS also has the cipher
attribute removed and it shows the similar client to server conection and
runs fine.
Regards,
Nikitha
On Wed, Aug 5, 2015 at
if you remove the entire ciphers attribute from the server.xml then by
default ssl/TLS session pick the best available cipher from the ssl/tls
handshake version.
On Wed, Aug 5, 2015 at 4:10 PM, Nikitha Benny nikki.be...@gmail.com wrote:
Hi Sanaullah,
That is because we have removed the
Hello All,
We are working on Tomcat 7.00.062 with java 1.08.045.
We require to configure FIPS compliancy on the Tomcat.
We were successful in configuring FIPS compliancy on java 1.08.045.
A keystore file has already been created for Tomcat.
When we run the Tomcat 7.00.062 with the FIPS
On 04/08/2015 09:30, Nikitha Benny wrote:
Hello All,
We are working on Tomcat 7.00.062 with java 1.08.045.
We require to configure FIPS compliancy on the Tomcat.
We were successful in configuring FIPS compliancy on java 1.08.045.
A keystore file has already been created for Tomcat.
Hello Mark,
Thanks for your valuable suggestion.
We were successful in creating the pkcs12 keystore which picks up SHA256 as
shown below:
-
[root]## /jre/b/bin/keytool -v -list -storetype pkcs12 -keystore
tomcat.keystore
Enter keystore password:
*Keystore type: PKCS12*
*Keystore
On 04/08/2015 13:19, Nikitha Benny wrote:
Hello Mark,
Thanks for your valuable suggestion.
We were successful in creating the pkcs12 keystore which picks up SHA256 as
shown below:
snip/
But still Tomcat does not run on the https port.
Define does not run.
Any clue as to why this
But still Tomcat does not run on the https port.
As in, when we run Tomcat on the https server port it does not display the
page.
Where as it goes through fine on the http port. The url opens.
On Tue, Aug 4, 2015 at 6:18 PM, Mark Thomas ma...@apache.org wrote:
On 04/08/2015 13:19, Nikitha
15 matches
Mail list logo