On 12 April 2016 at 19:26, Mark Thomas <ma...@apache.org> wrote: > On 12/04/2016 19:11, Lyallex wrote: >> On 12 April 2016 at 18:06, Lyallex <lyal...@gmail.com> wrote: >>> apache-tomcat-7.0.42 as standalone web server >>> jdk1.7.0_45 >>> Ubuntu 12.10 >>> >>> Greetings >>> >>> I'm sure this is an old chestnut but it's got me stumped >>> >>> I just purchased and installed my first ever ssl certificate >>> I had it installed and apparently running in no time. I should of >>> course have been suspicious that it all went so smoothly >>> but I though it was about time I got a break ... no such luck. >>> >>> Clicking the padlock in chrome I get >>> >>> Your connection to 192.168.1.68 is encrypted using an obsolete cipher suit. >>> >>> The connection uses TLS 1.2. >>> >>> The connection is encrypted using AES_128_CBC with HMAC-SHA1 for >>> message authentication and ECDHE_RSA as the key exchange mechanism. >> >> jdk1.8.0.77 fixed it >> >> Should have know it was a Java (as opposed to Tomcat) problem >> >> as you were > > As of the next Tomcat 7 release, the SSL defaults have been improved so > a default configuration should not report any issues. > > Mark
Now I'm confused, I thought Tomcat relied on the JSSE implementation in whatever version of Java that was used to start Tomcat to provide it's cipher suits. If this is correct how will a different version of Tomcat make a difference given that it's started with the same version of Java. If it's incorrect please forgive my boundlesss ignorance and stupidity. lyallex > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org