Brijesh,
On 5.3.2013 11:47, Brijesh Deo wrote:
Thanks Ognjen. I tried with -Dhttps.protocols="TLSv1.1" in Tomcat startup but
even this doesn’t work with Tomcat 6.0. Looks like upgrading to Tomcat 7.0 seems to be
the only way to achieve this easily through configuration in server.xml.
That was strange, so I started looking where Tomcat 6.0.32 sets enabled
protocols. Here it is (JSSESocketFactory.java, lines 789-791):
String requestedProtocols = (String) attributes.get("protocols");
setEnabledProtocols(socket, getEnabledProtocols(socket,
requestedProtocols));
It seems that Tomcat 6.0.32 (and probably other 6.0.xx versions) use
undocumented attribute for HTTPS connector "protocols". So in Tomcat 7
you might use:
sslProtocol="TLSv1.1" sslEnabledProtocols="TLSv1.1"
and in Tomcat 6.0.32:
sslProtocol="TLSv1.1" protocols="TLSv1.1"
It works for me.
-Ognjen
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org