epending on your version of Tomcat 5 and Version 6 the SSLEnabled="true" might not work as it was added mid-release.
Note: Support for TLS 1.0 is considered a weak protocol and we urge people to move to TLS1.1 and above. The following ssl protocols have TLS 1.0 removed to comply with this.
Tomcat 5 and 6
<Connector...
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslEnabledProtocols = "TLSv1.1,TLSv1.2" />
**On RHEL5-based distros, the following applies to Tomcat 6 versions prior to Tomcat 6.0.38 **
Note that TLSv1.1,TLSv1.2 is supported by Java 7, not Java 6. Adding these directives to a server running Java 6 is harmless, but won't enable TLSv1.1 & TLSv1.2.
<Connector...
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocols = "TLSv1.1,TLSv1.2" />
Tomcat >=7
<Connector...
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocols = "TLSv1.1,TLSv1.2" />
Comments
0 comments
Please sign in to leave a comment.