2013 14:53:55 +0100
Subject: Re: Tomcat 7 / Java 7 with TLS 1.2 algorithms
From: aterrest...@gmail.com
To: users@tomcat.apache.org
According to RFC 5246 Appendix C (TLS 1.2), there is no SHA384. See :
http://www.ietf.org/rfc/rfc5246.txt
The JSSE Reference Guide also doesn't talk about
Hi
the JSSE Reference Guide defines which possibilities for anyone
implementing a JSSE provider (let's call it an API if you want).
Oracle's provider only implements a part of this API, misleading you
to believe SHA384 is available when it's unfortunately not.
About Bouncy Castle, I believe they
Thanks for clarifying the JSSE issue. It's a shame that JSSE can't make
use of available JCE algorithms. I've just been trying to establish the
limits of the Java 7 implementation, and I think I understand that now.
Yes, the ECDHE ciphersuites are definitely the choice for strongest
secrecy
Tomcat 7.0.40 seems to work well with TLS 1.2, forced by using a
sslEnabledProtocols=TLSv1.2 attribute on the Connector. But I haven't been
able to make it work with any of the SHA256/384 algorithms - they always show
up in the Ignoring unsupported cipher suite list. I get the same thing
Hello
I suppose you need to run your JVM with the unrestricted policy files (on b=
oth client and server sides). You have to download them from Oracle website=
for your java version, and replace the old.
These files are :
local_policy.jar
US_export_policy.jar
Regards
2013/8/22
://tomcat.apache.org/tomcat-7.0-doc/config/http.html
does this not work for you?
Martin Gainty
__
Please do not alter or disrupt this transmission..Thank You
From: d...@sosnoski.com
Subject: Tomcat 7 / Java 7 with TLS 1.2 algorithms
To: users
I've already done that, though as far as I can see that doesn't effect
the digest algorithms (only the encryption options).
- Dennis
On 08/23/2013 12:24 AM, Aurélien Terrestris wrote:
Hello
I suppose you need to run your JVM with the unrestricted policy files (on b=
oth client and server
According to RFC 5246 Appendix C (TLS 1.2), there is no SHA384. See :
http://www.ietf.org/rfc/rfc5246.txt
The JSSE Reference Guide also doesn't talk about this SHA384 as an
implementation requirement. See :
http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#impl
According to RFC 5246 Appendix C (TLS 1.2), there is no SHA384. See :
http://www.ietf.org/rfc/rfc5246.txt
The JSSE Reference Guide also doesn't talk about this SHA384 as an
implementation requirement. See :
http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#impl
/ Java 7 with TLS 1.2 algorithms
From: aterrest...@gmail.com
To: users@tomcat.apache.org
According to RFC 5246 Appendix C (TLS 1.2), there is no SHA384. See :
http://www.ietf.org/rfc/rfc5246.txt
The JSSE Reference Guide also doesn't talk about this SHA384 as an
implementation requirement
Thanks, Aurélien. I'd seen the SHA384 versions listed in the JSSE Cipher
Suite Names and thought they were available:
http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#ciphersuites
I was really hoping to use one of the GCM suites, but I gather those are
not
11 matches
Mail list logo
