-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Marko,
On 2/10/2009 9:53 AM, Marko Sacher wrote: > I have a problem with a certificate from a CA. The certificate of the CA is > included by default in FF3. If I call my page I get error: > sec_error_bad_signature: invalid signature. > In other browsers the certificate looks O.K. > My CA tells me to disable SSLv2 and perhaps also weak cyphers. My config is: > <Connector protocol=''HTTP/1.1'' port="443" SSLEnabled="true" > keyAlias="some-time.eu" maxThreads="150" scheme="https" > keystoreFile="~/.keystore" keystorePass="password" secure="true" > clientAuth="false" sslProtocol="TLS" /> I hope that protocol=''HTTP/1.1'' is really a protocol="HTTP/1.1". Otherwise, your configuration is broken. > Also I think Java in current version does not support SSLv2 no more. Nobody should be using SSLv2 for anything. Is it possible that you've hit this bug? https://bugzilla.mozilla.org/show_bug.cgi?id=454759 If so, you should get involved in the discussion. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmR380ACgkQ9CaO5/Lv0PBVngCfUWj6LQtpQ9SbS6gwdXTn24nl 3xMAnjbIISRNcAbslwSDlcLO75kpfQh6 =FFBC -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org