-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Rajesh,
On 1/20/15 4:27 AM, Rajesh Biswas wrote: > Please keep SSLEnabled="true" along with your existing > configuration > > <Connector... enableLookups="true" disableUploadTimeout="true" > acceptCount="100" maxThreads="200" SSLEnabled="true" > scheme="https" secure="true" clientAuth="false" sslProtocols = > "TLSv1,TLSv1.1,TLSv1.2" /> There is no "sslProtocols" configuration directive. - -chris > On Tue, Jan 20, 2015 at 2:47 PM, Jason Y <day...@gmail.com> wrote: > >> Hi folks, >> >> Recently my application cannot be accessible in browser with >> https version. I think it is due to vulnerability in ssl 3.0 >> issue. >> >> I checked my tomcat configuration and replaced sslProtocol="TLS" >> with sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" to disable SSL >> 3.0. >> >> <Connector port="8080" protocol="HTTP/1.1" >>> connectionTimeout="20000" redirectPort="8443" /> <Connector >>> port="8443" protocol="org.apache.coyote.http11.Http11Protocol" >>> maxThreads="150" SSLEnabled="true" scheme="https" >>> secure="true" clientAuth="false" >>> sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" keystoreFile="xxx" >>> keystorePass="xxx" /> <Connector port="8009" protocol="AJP/1.3" >>> redirectPort="8443" /> >> >> >> Then I can open my application https link in browser. BUT, good >> time never lasts too long, after several hours, I failed to >> access my https link again. >> >> Anyone has any ideas about this? please share your >> suggestions...My tomcat version is 7.0.55 >> >> Thank you all very much. >> >> On Tue, Jan 20, 2015 at 3:56 PM, Jason Y <day...@gmail.com> >> wrote: >> >>> Hi folks, >>> >>> Recently my application cannot be accessible in browser with >>> https version. I think it is due to vulnerability in ssl 3.0 >>> issue. >>> >>> I checked my tomcat configuration and replaced >>> sslProtocol="TLS" with >>> sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" to disable SSL >>> 3.0. >>> >>> <Connector port="8080" protocol="HTTP/1.1" >>>> connectionTimeout="20000" redirectPort="8443" /> <Connector >>>> port="8443" >>>> protocol="org.apache.coyote.http11.Http11Protocol" >>>> maxThreads="150" SSLEnabled="true" scheme="https" >>>> secure="true" clientAuth="false" >>>> sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" >>>> keystoreFile="xxx" keystorePass="xxx" /> <Connector >>>> port="8009" protocol="AJP/1.3" redirectPort="8443" /> >>> >>> >>> Then I can open my application https link in browser. BUT, good >>> time >> never >>> lasts too long, after several hours, I failed to access my >>> https link again. >>> >>> Anyone has any ideas about this? please share your >>> suggestions...My >> tomcat >>> version is 7.0.55 >>> >>> Thank you all very much. >>> >> > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJUvnFcAAoJEBzwKT+lPKRYtGgP/iTkRdSJi6W4nRqtO8+pvamG DwioY20yFTiekP0hyc+FYxxKyS5gEjPqCMnW7celPBNe1qPAbWxu5JGIt0g3SUWV nuGg/8pJN2pGMF3ubG+liBANnvMU2kfXum21PzZi3ljqmvsTNRNTqnorBkEJVBaM tnGnTD1MCgOVfbBd4w1KO2VEybUQURD/ApyhgHqZy9isOt7vB5lHnOXfSJDoacNu sqzNr3gGHErBsqdLGd0K1XLBJSx+/Ts4oNzFltKK8oTmW++zmJf6OQwIOBScUMBr JRsxdj/MOoColRoCAJb9Mq4q0WIjMaerlBFCnMJOGigGVbEJ9FVBUGbRPJ/GOXu9 ZrxeA2FHxyPJIF+rvnl6JaBHrtnS/rvbnJGUhll4uwSjGhiXJCiK+XHkJJW/r1Wu s7GEF30wM94nfqPiT2LgRFe0vn9xs+zYiCaQSKfPgvq2kRVgkZM3TDbTcfMgazBp QSxXlzfgtD4aH/Ny/vc+3mIBUOnv3Fe9HMXjfdVzNMJwavAe48l6TOD79bVrqYZS wZq29RzTL5S1SsXY9RlSFKnGtvAomFTcEwfyCt55iUnOv9lD5zua+EfgFTUVaMJo afzz5qxkgkCoCNSWxmJBLNZCddXbmQsBqBCs4s/JE9y5XAJfZXmmwFXLDmkMcCiV 1C+pvkD/V3/6R4XzNk/w =q0C5 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
