Sean, Tim,
Thanks for your feedback.
I've checked my JSSE version, and it's 1.0.2 global version. Which
according to the accompanying user guide has the same level of cryptography
as the domestic US version, so I don't think it's the jars that are causing
the problem.
My initial suspicion was that Tomcat 3.0 which I'm using as part of J2EE
didn't support the use of SGC certificates, which I still suspect. Tim; can
you confirm the Tomcat version with which you are successfully connecting at
128-bits?
I was aware of the 128-bit standard Thawte certs, but I never got a
connection at 128 via the test cert. They switch down to 40 dependant on
the browser and server according to Thawte. However the versions of
Netscape (4.75) and I.E (5.0) I'm running are both 128-bit compatible
according to them, which again points to the old version of Tomcat I'm using
!
Hopefully v1.3 of the J2EE with Tomcat 4.0 in it will get around this
problem, but until then I need all the help I can get.
Cheers,
Alan
