Am 2013-08-25 14:21, schrieb Jesse Barnum:
How come Java 6 can connect to SSL running on Apache without this
setting, but not to Tomcat running APR/SSL?
On Aug 24, 2013, at 12:15 PM, Michael-O <1983-01...@gmx.net> wrote:
I had this problem months ago too. APR Connector ist fine. The
problem with Java 6 is that the URLConnection -- JSSE -- sends a
SSLv2Hello and this breaks everything. I have restricted this for
Java 6 clients at work. Java 7 does not suffer from this because
this is disabled by default.
First, do not top-post please.
1. Did you configure mod_ssl and APR Connector the same way?
2. Did you inspect the traffic with Wireshark? Help me a lot.
Maybe you are running in a cypher mismatch too. What we do use is
"TLSv1" and "HIGH:!ADH". Everything below TLSv1 is outdated and
insecure. Though TLSv1 is (very) old too but it is the best match at the
moment.
Michael
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
