2016-06-30 23:05 GMT-04:00 Greg Beresnev <russiande...@gmail.com>: > Hi, > > We're in the process of updating our web application to stop using SHA-1 > certificates and I was wondering if there was some way to configure Tomcat > (we're on version 7.0.39 - yes, I know, we are pretty old-school and should > get with the times) to either throw errors or at least log warnings for the > cases where connection/authentication attempt is being made using SHA-1 > certificate? >
No. However, you can select the accepted ciphers to reject anything that doesn't meet your standards. ----------------- Daniel Savard