Please follow the Apache document for the connector configuration. Here is the sample connector configuration
<Connector port="7443" protocol="org.apache.coyote.http11.Http11Protocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" clientAuth="true" sslProtocol="TLSv1.2" keystoreFile="/opt/certs/pay.jks" keystorePass="*******" keyAlias="****" truststoreFile="/opt/certs/trust.jks" truststorePass="**************" ciphers="*************************************"/> [1] http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html On Tue, Jan 20, 2015 at 2:17 PM, Jason Y <day...@gmail.com> wrote: > Hi folks, > > Recently my application cannot be accessible in browser with https version. > I think it is due to vulnerability in ssl 3.0 issue. > > I checked my tomcat configuration and replaced sslProtocol="TLS" with > sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" to disable SSL 3.0. > > <Connector port="8080" protocol="HTTP/1.1" > > connectionTimeout="20000" > > redirectPort="8443" /> > > <Connector port="8443" > > protocol="org.apache.coyote.http11.Http11Protocol" > > maxThreads="150" SSLEnabled="true" scheme="https" > > secure="true" > > clientAuth="false" > > sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" keystoreFile="xxx" > > keystorePass="xxx" /> > > <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> > > > Then I can open my application https link in browser. BUT, good time never > lasts too long, after several hours, I failed to access my https link > again. > > Anyone has any ideas about this? please share your suggestions...My tomcat > version is 7.0.55 > > Thank you all very much. > > On Tue, Jan 20, 2015 at 3:56 PM, Jason Y <day...@gmail.com> wrote: > > > Hi folks, > > > > Recently my application cannot be accessible in browser with https > > version. I think it is due to vulnerability in ssl 3.0 issue. > > > > I checked my tomcat configuration and replaced sslProtocol="TLS" with > > sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" to disable SSL 3.0. > > > > <Connector port="8080" protocol="HTTP/1.1" > >> connectionTimeout="20000" > >> redirectPort="8443" /> > >> <Connector port="8443" > >> protocol="org.apache.coyote.http11.Http11Protocol" > >> maxThreads="150" SSLEnabled="true" scheme="https" > >> secure="true" > >> clientAuth="false" > >> sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" keystoreFile="xxx" > >> keystorePass="xxx" /> > >> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> > > > > > > Then I can open my application https link in browser. BUT, good time > never > > lasts too long, after several hours, I failed to access my https link > > again. > > > > Anyone has any ideas about this? please share your suggestions...My > tomcat > > version is 7.0.55 > > > > Thank you all very much. > > >