-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Lyallex,
On 4/12/16 2:11 PM, Lyallex wrote: > On 12 April 2016 at 18:06, Lyallex <lyal...@gmail.com> wrote: >> apache-tomcat-7.0.42 as standalone web server jdk1.7.0_45 Ubuntu >> 12.10 >> >> Greetings >> >> I'm sure this is an old chestnut but it's got me stumped >> >> I just purchased and installed my first ever ssl certificate I >> had it installed and apparently running in no time. I should of >> course have been suspicious that it all went so smoothly but I >> though it was about time I got a break ... no such luck. >> >> Clicking the padlock in chrome I get >> >> Your connection to 192.168.1.68 is encrypted using an obsolete >> cipher suit. >> >> The connection uses TLS 1.2. >> >> The connection is encrypted using AES_128_CBC with HMAC-SHA1 for >> message authentication and ECDHE_RSA as the key exchange >> mechanism. > > jdk1.8.0.77 fixed it > > Should have know it was a Java (as opposed to Tomcat) problem You did have this cipher suite configured in your <Connector>, though: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA That's the one Chrome was complaining about. (Though I'm not sure why it doesn't like that cipher suite). - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlcNPyUACgkQ9CaO5/Lv0PCa4ACfUHcftICEAlwB25PExNjgw8CZ 4cEAoJKegblaMMmlFn/7CtH5t76cdWHI =SocL -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org