-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Ramon,
On 5/29/15 3:32 AM, Ramon Pfeiffer wrote: > Am 28.05.2015 um 18:56 schrieb Caldarale, Charles R: >>> From: Ramon Pfeiffer [mailto:ramon.pfeif...@uni-tuebingen.de] >>> Subject: Problem specifying cipher suites in tomcat6 >> >>> I'm currently trying to specify a list of cipher suites to be >>> used by my connector in Tomcat 6.0.24. >> >>> Anybody can shed some light on what I did wrong? >> >> Using a version of Tomcat that's more than five years old is the >> first thing - there have been many, many security fixes since >> then, including some related to the ciphers attribute. You also >> need to tell us the JVM version, the platform you're running on, >> and whether or not APR is in use for this <Connector> (it's in >> the logs). > > Sadly, it's a system I inherited last year and now have the > pleasure to work with. I can't update Tomcat for I don't know what > will break. If you can't upgrade it, you are better-off shutting-down the service, because there are security vulnerabilities in there. So, ask your boss which is worse: shuttering the project, or getting a new version of Tomcat into a testing environment? > Anyway, I'm working on a RHEL6 system. A java -version yields # > java -version java version "1.7.0_79" OpenJDK Runtime Environment > (rhel-2.5.5.3.el6_6-x86_64 u79-b14) OpenJDK 64-Bit Server VM (build > 24.79-b02, mixed mode) So, no problem keeping the JVM up-to-date. You must have a testing process for that, right? Just use the same testing process after upgrading Tomcat. Once you're up-to-date on Tomcat 6.0.x, go ahead and try again with Tomcat 8.0.x. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJVaLoeAAoJEBzwKT+lPKRYOq4P/RiGBu4V/2MXWkfSTzTaE9t7 rEDNibD6hMyWIGhuqlbAaZJ/jnUB8Hnnnu6TPttkhDCXxasKybC6htK4GlzHj8J8 vH4a0DfMR4NM3JQs4M38XYpl78mTMgv5079cHMasJsOfNpiGpJLIqyOTFB/LQV+i h8W1PLLBPQrbRITgAJNfAMUrvCQoRGx61Z8yptRA6TMN/jLEERGIJf20xBMqvBdW 08btc/o2LLVtsXctw7tlx/4FRyV9VxOEWwf9vYp4q4tGc1Rhiu4uB6YvC9PvVZQI FmElHOpwSq+GeauBlaRb2Y3EUEdPC1hZsmvHsy68X87Ni2gUT+7og7CygspWHmiV Hq9C4z/mo4lQWnHQfFmEx0hJ8tmiRyumtfZD01D8cnYWdW9eBH6J7bGeQVh81jx8 JYbqbIWkDEKpNhUIN7czlX1T/SNcA6+VGynajILx1+qHf6FbFyVJLbpElSKVV1UX YmXS6qIX7DlKvn80nZ81NB+WcmnfxZR7cn2ppKLGZyMSvVvY1AOXXF3vrFXfB2SG 2WZz4RbCulSY+s8qxzwhfhSagGWyn9ua5WrmDzeJ9tBplguIdvdHoXpwWOPbd3cW vlcgk9EYP2ooWawrQY+ltGNffuqtYzxjwrfo63PYAMuZDXpksSp5YJtDv4L+gsec s4wSnVMBakZ4lm70I/4/ =mSi+ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org