Thanks for the response. So would the desired changes in server.xml will be sslEnabledProtocols="SSL,TLS"
-Thanks Utkarsh On Tue, Jan 6, 2015 at 1:47 PM, Mark Thomas <ma...@apache.org> wrote: > On 06/01/2015 07:46, Utkarsh Dave wrote: > > Hi Team, > > > > My project is planning to upgrade to Tomcat 7.0.57 that has the fix for > > POODLE vulnerability and have the SSL protocol disable by default. > > We were up till now using the manual configuration change in server.xml > in > > order to disable use of SSL. > > > > My questions is that after upgrading to Tomcat 7.0.57, is there any > similar > > configuraion change available, through which we can re enable SSL > protocols > > again. > > Yes. The only change in 7.0.57 is to the defaults. The configuration > attributes for SSL/TLS protocols that you used to exclude SSL can now be > used to restore SSL support if required. > > Mark > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >