-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Martin,
On 1/10/13 10:35 PM, Martin Gainty wrote: > its a simple question what does ciphers parameter in Connector > have anything to do with the supported ciphers from the key itself > the 2 are disconnected Supported ciphers may be set in the connector without regard to any details of the server's X509 key or the certificate created with it. You can have an RSA key and still support RC4-SHA as one of your ciphers. Likewise, you can use a DSA key (for which OpenSSL always uses MD5 as the signature algorithm) with ciphers that use SHA1 as the signature algorithm. Keys/certs and ciphers are entirely orthogonal in the algorithms they support. SSL uses asymmetric encryption to exchange symmetric cipher keys using any cipher upon which the server and client can agree. Those ciphers are not limited by anything in the server's certificate or key. > please dont waste my time and anyone elses with insults when you > are unable to answer this simple question I have answered it above. If you disagree with my answer, please be specific. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEAREIAAYFAlDwNQYACgkQ9CaO5/Lv0PATEQCgo3LI5SbHiChoPJRgT1kKHDAO ZyMAoJdz9eMl8xRXhvDEfIOfOITTbLHi =f/P3 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org