Thanks,
Will explore JSSE options.
On Thu, Mar 9, 2017 at 7:18 PM, Jammy Chen wrote:
> If you are using JSSE which you mentioned in earlier post, you probably can
> only enable debug for all or specially one
> -Djavax.net.debug=ssl:record or -Djavax.net.debug=ssl:handshake -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Durga,
On 3/9/17 3:34 AM, Durga Srinivasu Karuturi wrote:
> This is one of the requirement from FIPS/CC certification.
Can you provide a reference for this requirement?
- -chris
> On Wed, Mar 8, 2017 at 11:03 PM, Christopher Schultz <
>
If you are using JSSE which you mentioned in earlier post, you probably can
only enable debug for all or specially one
-Djavax.net.debug=ssl:record or -Djavax.net.debug=ssl:handshake - but it
will log all sessions
You could try to register a customized SSL socket factory in JSSE, you may
extend
Our application meaning on RHEL machine within JVM with embedded tomcat
(with single web-app)
Okay, tomcat may not have this information on handshake failures.
I need to see little higher level for capturing these failures.
Thanks for answers so far.
Thanks,
Durga Srinivasu
On Thu, Mar 9,
On 09.03.2017 09:34, Durga Srinivasu Karuturi wrote:
This is one of the requirement from FIPS/CC certification.
Thanks,
Durga Srinivasu
Durga,
I believe that in your original post, you said :
"We have a requirement in our application to log all TLS session failures."
You should probably
This is one of the requirement from FIPS/CC certification.
Thanks,
Durga Srinivasu
On Wed, Mar 8, 2017 at 11:03 PM, Christopher Schultz <
ch...@christopherschultz.net> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Durga,
>
> On 3/8/17 10:02 AM, Durga Srinivasu Karuturi wrote:
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Durga,
On 3/8/17 10:02 AM, Durga Srinivasu Karuturi wrote:
> We are using JSSE only not APR. Looking for handshake failures.
>
> Yes, using JSSE SSL debug, we are able to get all handshake
> (-Djavax.net.debug=ssl:handshake) logs including
Chris,
We are using JSSE only not APR. Looking for handshake failures.
Yes, using JSSE SSL debug, we are able to get all handshake
(-Djavax.net.debug=ssl:handshake) logs including success cases. These are
still quite bit expense logs and meant for debug purposes. As you said it
might impact
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Durga,
On 3/8/17 9:29 AM, Durga Srinivasu Karuturi wrote:
> We have a requirement in our application to log all TLS session
> failures.
Specifically, what kind of failures? Failed handshakes? Initial or
re-negotiation? Are you using JSSE or APR?
Hi,
We have a requirement in our application to log all TLS session failures.
We are using Tomcat 8.5.11 using JSSE for SSL layer. Is there any way to
configure tomcat to log/trace any TLS Failure on tomcat sessions?
Thanks,
Durga Srinivasu
10 matches
Mail list logo