Hi,
We started out with tomcat 7.0.35 and got that running with our REST
servlet.
When we upgraded to tomcat 7.0.63 we got this error when we tried to
create a new session:
{
"message": "[Errno 1] _ssl.c:507: error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure"
}
Through Google we found out that we needed to add "SSLv2Hello" to the
enabled protocols so we changed our connector in server.xml like this
(only added SSLv2Hello):
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="${catalina.base}/conf/keystore"
keystorePass="*" clientAuth="false"
sslProtocol="TLS"
sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1,SSLv2Hello"
URIEncoding="UTF-8" />
We upgraded to tomcat 7.0.68 and it works fine with above connector in
server.xml
When we upgraded to tomcat 7.0.70 we got the sslv3 error again even
though we have SSLv2Hello in the enabled protocols:
{
"message": "[Errno 1] _ssl.c:507: error:14077410:SSL
routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure"
}
What do we need to change in the server.xml file to bypass the ssl3
error this time?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
