-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 James,
On 7/27/16 5:03 PM, James H. H. Lampert wrote: > On 7/27/16, 11:59 AM, Mark Thomas wrote: >> Note since you are on Java 6 you can't force the server >> preference order on the client. You might want to drop the 128 >> bit version. > > Thanks. That brings our own server up from an "F" rating on > SSLLABS.COM to a "C." Better than nothing :) You're going to need to upgrade to a later version of Java in order to improve that score. You are capped at a "C" grade because Java 6 doesn't support TLSv1.1 and TLSv1.2. Short of replacing the crypto provider being used (maybe BouncyCastle works? There is a parallel thread suggesting that BC might have some incompatibilities, but nothing definite yet), your only option is to upgrade your Java version. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAled6WEACgkQ9CaO5/Lv0PCtpACgkyObYMuB5qO+d6rb0X+IikUb T3kAoKzaZpPWfyZTKajq/meGp3/o1usA =N0kj -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org