Thanks, Mr. Schultz.
I managed to find the IBM docs. At least some of the cipher suites the
customer is talking about are supported all the way back to their 7.0 JVM.
I've specified cipher suites by name in the connector, but I don't think
I've done protocols. "TLS," according to the IBM docs, "Enables TLS v1.0
protocol (defined in RFC 2246). Accepts TLSv1 hello encapsulated in an
SSLv2 format hello."
Sounds like I would need to enable TLSv1.1 and TLSv1.2 explicitly. Would
I change the sslProtocol clause from
sslProtocol="TLS"
to
sslProtocol="TLSv1.1,TLSv1.2"
or even
sslProtocol="TLSv1.2"
and specify acceptable cipher suites in the ciphers clause?
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
