Re: SSL issue in tomcat

Tue, 20 Jan 2015 01:30:07 -0800 

Hello,

Please keep SSLEnabled="true" along with your existing configuration

<Connector...
       enableLookups="true" disableUploadTimeout="true"
       acceptCount="100"  maxThreads="200" SSLEnabled="true" scheme="https"
secure="true"
       clientAuth="false" sslProtocols = "TLSv1,TLSv1.1,TLSv1.2" />

Rajesh

On Tue, Jan 20, 2015 at 2:47 PM, Jason Y <[email protected]> wrote:

> Hi folks,
>
> Recently my application cannot be accessible in browser with https version.
> I think it is due to vulnerability in ssl 3.0 issue.
>
> I checked my tomcat configuration and replaced sslProtocol="TLS" with
> sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" to disable SSL 3.0.
>
>     <Connector port="8080" protocol="HTTP/1.1"
> >                connectionTimeout="20000"
> >                redirectPort="8443" />
> >     <Connector port="8443"
> > protocol="org.apache.coyote.http11.Http11Protocol"
> >                maxThreads="150" SSLEnabled="true" scheme="https"
> > secure="true"
> >                clientAuth="false"
> > sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" keystoreFile="xxx"
> > keystorePass="xxx" />
> >     <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
>
>
> Then I can open my application https link in browser. BUT, good time never
> lasts too long, after several hours, I failed to access my https link
> again.
>
> Anyone has any ideas about this? please share your suggestions...My tomcat
> version is 7.0.55
>
> Thank you all very much.
>
> On Tue, Jan 20, 2015 at 3:56 PM, Jason Y <[email protected]> wrote:
>
> > Hi folks,
> >
> > Recently my application cannot be accessible in browser with https
> > version. I think it is due to vulnerability in ssl 3.0 issue.
> >
> > I checked my tomcat configuration and replaced sslProtocol="TLS" with
> > sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" to disable SSL 3.0.
> >
> >     <Connector port="8080" protocol="HTTP/1.1"
> >>                connectionTimeout="20000"
> >>                redirectPort="8443" />
> >>     <Connector port="8443"
> >> protocol="org.apache.coyote.http11.Http11Protocol"
> >>                maxThreads="150" SSLEnabled="true" scheme="https"
> >> secure="true"
> >>                clientAuth="false"
> >> sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" keystoreFile="xxx"
> >> keystorePass="xxx" />
> >>     <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
> >
> >
> > Then I can open my application https link in browser. BUT, good time
> never
> > lasts too long, after several hours, I failed to access my https link
> > again.
> >
> > Anyone has any ideas about this? please share your suggestions...My
> tomcat
> > version is 7.0.55
> >
> > Thank you all very much.
> >
>

Reply via email to