-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dave,
On 10/4/16 3:38 AM, Garratt, Dave wrote: > I have Apache Tomcat 8 working ok with https when I connect to my > web page using a recent browser (desktop) or iPhone for example. > However this specific application is designed to run on a Motorola > MC9090 hand held wireless barcode scanner running a relatively old > version of Windows Mobile. The browser on that device can only load > the HTTP page and not the HTTPS page, giving a unable to open page > message. Speaking to a “expert” on these scanners the consensus of > opinion is that the type of encryption used by Apache Tomcat 8 is > more up to date than the mobile devices browser can support. As it > does not appear likely that the mobile devices are going to be > updated any time soon I was wondering if its possible to force > Tomcat to accept deprecated protocols rather than be forced to > revert to plain HTTP. > > Any ideas or ideally an example of how this might look in a config > file would be most appreciated. The user manual for the MC9090 doesn't say what support that model has for SSL or TLS. It does mention both SSL and TLS, which is a good sign. But it might not support certain versions e.g. TLSv1.1 or TLSv1.2. It might also require the use of an "SSLv2 Hello" handshake which uses the SSLv2 protocol only for the handshake but won't negotiate SSLv2 for example. If your server and client cannot agree on a protocol, you won't be able to communicate. Can you reconfigure the mobile device to use a different URL? If so, you might be able to set up a web server that is very locked-down and expected to only be used by that particular device. If that device can only make insecure web requests, you might want to decide if you should really still be using it for anything that requires actual security. - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJX88iwAAoJEBzwKT+lPKRYYmQP/A827s+M9eS74SR5vvchDHEp dlcMIg06G31rkgQjbYl8Zuwx3q8q8/MZwo9gg5bjDBL5+sdQ0aepB804X26907fY XmYOF+l+XW/9m7D/CZxrvkky6AqBe16VHDpvzSV2i3hisHDJdb9LoAPPMXNSg/Wl f3o9mUQyqP3SixomI4C5eiK1y4kkt1g36bfo+fTWzXEHdQ+CNQZTrXCRBEBKYhcB jXu8YoM6pCVm/625ro3gi9P+MQwxrb2kMIWI5m2AClVLJZKa8PtG5rASNtaINb8J IHnhRceOOTAbtCedmYC5YiM6oxweU3yCv2o6hD2pBrpHZ/VG1R0TmGyPcBHhq72S qMwKAPdg2v+saunIwJg7FZ8RLnos24iY4/7NK3CoQriNC5rdIFrIp6OhH6gdW02H j6SFdrNHk8lgEhlvV7kWNRBT/lzyD7AVyRjWPGuQcRqEPhHO1ZAQb5DVVAnyjiLB D/rcmW+hIn57ihkw08hopJ4BcXlULzswsM+lT396u3Uy0M9uW6ln2RYIx00VpqEo GLT5B3jb/H2rDrwgFI3nhvxJHcWHtd8XvV007AfA264v/dVaSh9rat7fEB965HLY ULQ8pM28qMZrWioCv8DsxVkzhQE8Nmj9LifcLArmdtNbEHXY4tMr8+O2TexfUWNh leDCI7B30HQEI7LSeVAF =ObJT -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
