On 10/19/17, 10:02 AM, Christopher Schultz wrote:
The browser tells the server what cipher suites it supports during the
initial handshake, and the server decides which algorithm to use. The
client doesn't try multiple different connections to see which one
sticks. The server either replies sayin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
James,
On 10/16/17 2:35 PM, James H. H. Lampert wrote:
> I just got finished going through 20 other customer Tomcat
> installations we administer.
>
> First, I found that most of them were accepting the DHE ciphers
> I'd disabled on the problem ins
I just got finished going through 20 other customer Tomcat installations
we administer.
First, I found that most of them were accepting the DHE ciphers I'd
disabled on the problem installation, and SSLLabs was giving them bad
ratings for doing so.
Second, I found that two of the other instal
On 16/10/17 17:57, James H. H. Lampert wrote:
> Can somebody explain what just happened?
>
> This morning, we got a call from a customer whose Tomcat server (on
> their own hardware) we administer.
>
> It seems that suddenly, and without any advance warning, all but the
> oldest browsers were ref
Can somebody explain what just happened?
This morning, we got a call from a customer whose Tomcat server (on
their own hardware) we administer.
It seems that suddenly, and without any advance warning, all but the
oldest browsers were refusing to connect to the server, without offering
any ov