On 8/25/2015 12:01 AM, Nikitha Benny wrote:
Hi All, I am using Tomcat version 7.00.062 supported on JRE 8u45. How do i disable the LogJam Vulnerability?
Here's a pretty nice article: https://blog.eveoh.nl/2014/02/tls-ssl-ciphers-pfs-tomcat/ There's an updated connector configuration near the end.
I have added a line in the java.security file of the JRE. jdk.tls.disabledAlgorithms=DH Is this good enough? Or do we need to add DiffieHelmann also? jdk.tls.disabledAlgorithms=DH, DiffieHellman
A good thing is testing using a service. Here's a link: https://www.ssllabs.com/ssltest/
Which one solves the issue of LogJam? Kindly help. Regards, Nikitha
-- George Sexton *MH Software, Inc.* Voice: 303 438 9585 http://www.mhsoftware.com
