When users connect to our Tomcat 6.0.29 using Google Chrome, they get
this warning when they click the security icon:
"The connection had to be retried using SSL 3.0. This typically means
that the server is using very old software and may have other security
issues."
Tomcat is configured using this:
<Connector port="xxx" address="xxxx" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="100" scheme="https" secure="true"
enableLooks="false" compression="on"
keystoreFile="xxxx/certificate.keystore" keystorePass="xxxx"
clientAuth="false" sslProtocol="TLS" />
I believe we are using OpenSSL 0.9.8f on Solaris 10. Not sure how to
tell which SSL library tomcat is using.
How do I fix this? We have to support multiple browser/versions: IE6,
IE7, IE8, FF, Chrome... so whatever solution should allow for this.
--
- --
Robert La Ferla
VP Engineering
OMS SafeHarbor
This message (and any attachments) contains confidential information and is
protected by law. If you are not the intended recipient, you should delete
this message and are hereby notified that any disclosure, copying,
distribution, or the taking of any action based on this message, is strictly
prohibited.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
