Emen-Eddine,
> -----Original Message----- > From: Christopher Schultz <ch...@christopherschultz.net> > Sent: Wednesday, June 09, 2021 9:08 AM > To: users@tomcat.apache.org > Subject: Re: [OT] Request: Encryption requirements for TLS and SSL for > Tomcat > > Emen-Eddine, > > On 6/8/21 08:10, Emen-Eddine AISSAOUI wrote: > > Hello, > > > > I am contacting you regarding the cipher suite recommandations for TLS > > and SSL for Tomcat. > > > > This is an urgent request for a customer feedback. > > Since this is a customer who is presumably paying YOU for YOUR services, this > is probably an urgent request for YOU. If your customer(s) want to pay US to > help them, it may become urgent for US. > > > Could you please tell us which cipher suites are used and necessary > > and if there is any particular prequesites regarding TLS and SSL > > encryption for the proper functioning of Tomcat ? > > Tomcat will use a combination of your configuration and system (JVM) > support to determine which cipher suites will be used. Assuming at least one > cipher suite is in that set, Tomcat will "work". None are actually necessary. > > -chris > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org If you're looking for actual cipher suite recommendations, I'm not going to make any but I will show you some useful resources. This is a list of the supported Java 11 cipher suites "sorted by order of preference." Hopefully good security is one of their preferences! https://docs.oracle.com/en/java/javase/11/security/oracle-providers.html#GUID-7093246A-31A3-4304-AC5F-5FB6400405E2 This is another useful site with information on whether a cipher suite is recommended or not. https://ciphersuite.info/cs/ You can cross reference the lists from those two sites. John --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org