-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Borislav,
On 9/19/14 3:47 PM, Borislav Trifonov wrote: > Are you saying Tomcat can use OpenSSL instead of Java for TLS? Yes. You need to use the tcnative library ("Tomcat Native" on the Tomcat web site) along with libapr and libssl. Under a default configuration, Tomcat will auto-detect the presence of tcnative and libapr and use that for your HTTP(S) connectors. It's better to explicitly configure the connectors, though, to use APR. http://tomcat.apache.org/tomcat-8.0-doc/apr.html > That would be great, as OpenSSL does support a number of TLS-PSK > ciphers. When I originally saw your question, I did a bit of Googling. I see that Apache httpd (which also uses OpenSSL) does not support using TLS-PSK, so you may run into some problems. I'm curious: why do you require PSK instead of public certificates? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJUHI8qAAoJEBzwKT+lPKRY1NsQAIo6ppY3FaVS96mnAaWMxkCC 1QBY2mbWVQHMe4XtEwy372lcSfZr4yXYpn6KIlPa7N8ml+FmmVq7oA6moYHcXBAC WA/6WQ3Sfhs7WdSfq5BsZw2XouoYD1WfU/kve4NrWKlrQfAaTFdfgplb8EWss25L jQliuanrPRgfjxuXIwQMXVYKgjjK7Fwy3oBlL5EZ2AAm7eeRk+yh62ZYQ8fQwtXU O2NJ/Pm24uINaYI3U4LCjjoxOzzpYtl1QOU+NehtGaRpSbbxAb7EofpI8+0wyOoP EWFm/gh/A1KrHRq9MBJ+IHLEswPydgh3AnCHtlZhAo67rjKcNbOj3yCN3p6nV9Mt bZp0NATyeiK5Rdbq+1lP5qoKcb+M3wIoNl9Hlzf4pgZrsSgOalD0pqZkbMIBdOFF ApKWO7ra2Bjhhm/GZlGD/kPgdlEbfg6nVrVQRRVnt0Co8abg4+T6e0sUisu4w7RB cJiMjVBuOhQaZ/A/W/9dHnsI2qcgDBMJoUgDLj4NTxWhRCHIv819AKQUohB0MDi2 Qj/W2xo1L/8vUIe4EkLdQNW0FyChEzHZYVeeg8EZYrHRRdUAfeWfcEI9rJib+3PG lcCkN6ruLK48GA38gKXS5HAa320e+JhIegQwEPIuwzOlHzq+k0kOtxvURibLF6US MX+/NrA/Y3tiBWbZFH2n =gwVs -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org