-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mark,
On 1/17/17 8:39 AM, Mark Thomas wrote: > On 17/01/2017 11:23, Michael Orr wrote: >> Hi, >> >> There is a user property >> "org.apache.tomcat.websocket.SSL_PROTOCOLS" that you can use to >> provide the list of permitted SSL protocols when connecting to a >> websocket with WsWebSocketContainer. I was expecting that there >> would be a similar property to allow you to set the list of >> permitted SSL cipher suites as well. >> >> I've checked the code (for version 7.0.73, and also 9.0.0.M15) >> and there doesn't seem to be any mention of such an option. I >> can see it calling SSLEngine.setEnabledProtocols() but not >> SSLEngine.setEnabledCipherSuites(). >> >> Is there a particular reason why there is no >> "org.apache.tomcat.websocket.SSL_CIPHER_SUITES" property, or is >> it simply an oversight? > > No reason I can think of. Patches welcome :) I'm curious: since the existing <Connector> (possibly) contains a TLS configuration, why does Websocket specifically require a separate configuration? - -chris -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIbBAEBCAAGBQJYfnE3AAoJEBzwKT+lPKRYwpoP+OgM+lcIrhZ8AO6Vxyx9CliL GzwiFbgPgnCfpTnsLIT+0ZU+xQ2zg1RcCVOlKMTTRWRClioUf4+oDqGCm0BY2jAi uAAAaDp1MXj4rNLb8sStJJmvQW0x3Mm6z4X8Pn9EZ1uR+9s21dHCpkbpxcKOu6z2 ZHNvQOwjgB0mpbj1/q9otfJx/sKZlozwOh4LJ7/vrask+vmRjsFK1rN0vjAXgo79 PLLsHWbXYHFKLKpMwEQnZ44LvtEl4FrYFZalN/R8FYMIOSBEx7MUxPOdq62U5w3p O0Xelq0ijqT2pkrh4150Jt0Ff+3pkuUqL/MsXW+Gwfh6l/OdrQWN/ppEihy7VAbw ytrv3V1lP3tewr8VJBWAfuz9wp+1bOmoRFDzsUrrsH4SPj0jrs0DTBBa8832dZa0 EWBlcU1qmr+QMzT4NjOSIg8JDzb13fB/ZxUWi3TldKTMaHggXvY0fxU098McDt+x pOhCd0l6jHy0Z1H2+2Xlc7wroXwVYqdJjDFV6+MCiEhA2PNN6MQoVcHJffmvcsYW 84kKMIY9+IXGs8z6N/71v+3TB4PhXg0t0QcW+zzlyzZqRfMJGUsq/4FdVeeJ4s84 mxJ0cX1j96sUOs7nMaXBZ3uliIXQRwprMH0YebqGcMi8DZrrQ9r5vDjKzKsz7ZI8 UGcuzam6DjJqYKhryl0= =IvJ1 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org