Dear Chris, Could you help me out with the connector sample with sslhostconfig. I have mentioned the connector details in my previous email.
On Mon 7 Jan, 2019, 12:22 AM Christopher Schultz < ch...@christopherschultz.net wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Sameer, > > On 1/6/19 13:40, Sameer Umbrajkar wrote: > > Dear John & Raj, > > > > *My JVM version is 8.1.015 and Tomcat version is 8.5.13* Please see > > the version details below - > > ====================================================================== > ==================== > > > > > E:\BOE\tomcat\bin>version > > Using CATALINA_BASE: "E:\BOE\tomcat" Using CATALINA_HOME: > > "E:\BOE\tomcat" Using CATALINA_TMPDIR: "E:\BOE\tomcat\temp" Using > > JRE_HOME: "E:\BOE\SAP BusinessObjects Enterprise XI > > 4.0\win64_x64\sapjvm\" Using CLASSPATH: > > "E:\BOE\tomcat\bin\bootstrap.jar;E:\BOE\tomcat\bin\tomcat-juli.jar" > > > > > Server version: Apache Tomcat/8.5.13 > > Server built: Mar 27 2017 14:25:04 UTC Server number: 8.5.13.0 > > OS Name: Windows NT (unknown) OS Version: 10.0 > > Architecture: amd64 JVM Version: 8.1.015 JVM Vendor: SAP > > AG E:\BOE\tomcat\bin> > > ====================================================================== > ===================== > > > > As suggested I added below parameters in Java Option of Tomcat > > configuration still facing the same error related to TLS protocol > > and ciphers > > ====================================================================== > ===================== > > > > > - -Dhttps.protocols=TLSv1.2 > > -Dhttps.cipherSuites=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 > > ====================================================================== > ===================== > > > > > As requested, please find the HTTPS connector details below from server. > xml > > ====================================================================== > ===================== > > > > > <Connector protocol="org.apache.coyote.http11.Http11NioProtocol" > > port="8443" maxThreads="200" scheme="https" secure="true" > > SSLEnabled="true" keystoreFile="E:\SSL\.keystore" > > keystorePass="Am1@k123" clientAuth="false" sslProtocol="TLS"/> > > It would be better to use the more modern configuration which includes > <SSLHostConfig> elements within your <Connector> elements. > > http://tomcat.apache.org/tomcat-8.5-doc/config/http.html#SSL_Support > > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ > > iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAlwycYkACgkQHPApP6U8 > pFi+tw//ajl4qF4/leS0vP7GTZmxom3WtVbbxYQHRIL1+GDD922etcS60kgsD4cE > dcQlmzPuChA0HOOn7MXgL8NH2edxRc6rssoQx2TuQcNotD2QfAQhRaLuV5usKG6h > 1sv4tz2BuBVbAtEWSjwI3qtqv6feaJCtR1AU2kIlQilnbcKS2yEy/7jtW58UcmvZ > SxjQ6Bxedm0LGcu7rwRVVKkYzKkJhhz+W1Bv8fFEp5KeY+sLPupsntlsVrC2cXL5 > c44XMBKHnRudiIk0p+d2gQPwYGTH4UtRMIX8W74Vfen60YweI9TpfuNSf9wC5TEP > kLUk2+++hPTMxDW8BliZIMxJW7V+m9BpaGffGygGPbmMaVAWFg0v7yefmPVaiGz0 > QLLRstMpySoHDg51mptQpj49YHTZtuYtKlwQbSVIBxy+BAGUzAFnGRIAG9MYRyLG > 4HpwDzYplyCRev/C+btjogMUWv+czxbqig5tcNtmMtX/Ycsiu24rq5EQbgqxzFTC > IiSXqEz8zguJJZfgv676CJzzuWskSFZHLWeShiDN5H1EMj/NOzkwGESvFkuwrhVd > RRQNNpS9+Z9754dd9iy8QwCR0avtE3Gxcfa6ID2JeuRpLSKpOg9JMcp/WkSjNMyc > futM588UHDPm8Mv2+9pPirPSc9EOFeAXJ3cb7oxc/ef65SGnFxE= > =Y8ni > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >