On 15/10/2010 17:58, Robert La Ferla wrote:
> When users connect to our Tomcat 6.0.29 using Google Chrome, they get
> this warning when they click the security icon:
> 
> "The connection had to be retried using SSL 3.0.  This typically means
> that the server is using very old software and may have other security
> issues."
> 
> Tomcat is configured using this:
> 
> <Connector port="xxx" address="xxxx" protocol="HTTP/1.1" SSLEnabled="true"
>                maxThreads="100" scheme="https" secure="true"
> enableLooks="false" compression="on"
>                keystoreFile="xxxx/certificate.keystore" keystorePass="xxxx"
>                clientAuth="false" sslProtocol="TLS" />
> 
> I believe we are using OpenSSL 0.9.8f on Solaris 10.  Not sure how to
> tell which SSL library Tomcat is using.

Those two statements are not consistent. Your connector config is for
JSSE, not OpenSSL.

Tomcat uses TLS by default[1]. See [2] for other options for sslProtocol.

Mark
[1] http://tomcat.apache.org/tomcat-6.0-doc/config/http.html#SSL_Support
[2] http://download.oracle.com/javase/6/docs/api/index.html
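
Added example, not part of the original thread and not Tomcat's own code: a check that reads the Connector elements of a server.xml and reports whether each one is written for JSSE or for APR/OpenSSL, the distinction made in the reply above. The attribute sets are taken from the Tomcat 6 HTTP connector documentation; the function names and the second (APR) connector in the sample are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# SSL attribute names from the Tomcat 6 HTTP connector documentation.
# The two styles differ in case as well: sslProtocol (JSSE) vs SSLProtocol (APR).
JSSE_ATTRS = {"keystoreFile", "keystorePass", "keystoreType", "keyAlias",
              "sslProtocol", "ciphers", "clientAuth",
              "truststoreFile", "truststorePass"}
APR_ATTRS = {"SSLCertificateFile", "SSLCertificateKeyFile", "SSLPassword",
             "SSLProtocol", "SSLCipherSuite", "SSLVerifyClient",
             "SSLCACertificateFile", "SSLCertificateChainFile"}
APR_CLASS = "org.apache.coyote.http11.Http11AprProtocol"

# Constructed sample: the connector quoted in the thread (placeholders kept)
# plus a made-up APR connector for contrast.
SAMPLE = """<Server><Service name="Catalina">
  <Connector port="xxx" address="xxxx" protocol="HTTP/1.1" SSLEnabled="true"
             maxThreads="100" scheme="https" secure="true"
             enableLooks="false" compression="on"
             keystoreFile="xxxx/certificate.keystore" keystorePass="xxxx"
             clientAuth="false" sslProtocol="TLS" />
  <Connector port="8444" protocol="org.apache.coyote.http11.Http11AprProtocol"
             SSLEnabled="true" SSLCertificateFile="conf/server.crt"
             SSLCertificateKeyFile="conf/server.key" SSLProtocol="TLSv1" />
</Service></Server>"""

def classify_connector(conn):
    """Return (kind, notes) for one <Connector> element."""
    if conn.get("SSLEnabled", "false").lower() != "true":
        return "no-ssl", []
    names = set(conn.attrib)  # XML attribute names are case-sensitive
    jsse, apr = names & JSSE_ATTRS, names & APR_ATTRS
    kind = ("mixed" if jsse and apr else "jsse" if jsse
            else "apr-openssl" if apr else "unknown")
    proto = conn.get("protocol", "HTTP/1.1")
    notes = []
    if kind == "jsse" and proto == "HTTP/1.1":
        # HTTP/1.1 auto-selects the APR connector when tcnative is loaded.
        notes.append("protocol=HTTP/1.1 switches to APR if the native library is loaded")
    if kind == "jsse" and proto == APR_CLASS:
        notes.append("APR protocol class configured with JSSE attributes")
    if kind == "mixed":
        notes.append("both styles present: " + ", ".join(sorted(jsse | apr)))
    return kind, notes

def audit(server_xml):
    """Return [(port, kind, notes), ...] for every Connector in server.xml text."""
    root = ET.fromstring(server_xml)
    return [(c.get("port"),) + classify_connector(c) for c in root.iter("Connector")]

if __name__ == "__main__":
    for port, kind, notes in audit(SAMPLE):
        print(port, kind, notes)
```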
