Hello, I'm sure this is detailed somewhere but I can't find it for the life of
me and it's been driving me nuts all day.
How can I limit the cipher suites used by Tomcat for an SSL connection?
I tried setting SSLCipherSuite="SOME_CIPHER", to only allow a single cipher but
when a client connects it still uses whatever is the first cipher in the
client's list rather than using the cipher I specify in the server.xml file.
My complete connector tag is:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="SSLv3" keystoreType="luna"
keyAlias="tomcat" keystore="/.keystore"
SSLCipherSuite="SSL_RSA_WITH_3DES_EDE_CBC_SHA"/>
Any help would be great
Mike
_______________________________________________
Join Excite! - http://www.excite.com
The most personalized portal on the Web!
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]