You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jojo Paderes <jo...@gmail.com> on 2005/07/17 20:26:37 UTC
Tomcat SSL Cipher Configuration
Hi,
I'm looking for some decent documentation and technical reference on
how to configure Tomcat's SSL cipher. Say for example I want Tomcat to
support a specific SSL cipher suite like Triple DES. Hope someone has done
something like this already.
I'm using Tomcat 5.5 btw.
Thanks, Jojo
--
http://jojopaderes.multiply.com
http://agilemanifesto.org
"In preparing for battle I have always found that plans are useless,
but planning is indispensable." - Eisenhower
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat SSL Cipher Configuration
Posted by Mark Thomas <ma...@apache.org>.
Jojo Paderes wrote:
> I'm looking for some decent documentation and technical reference on
> how to configure Tomcat's SSL cipher. Say for example I want Tomcat to
> support a specific SSL cipher suite like Triple DES. Hope someone has done
> something like this already.
>
> I'm using Tomcat 5.5 btw.
See http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html
You want the ciphers attribute.
The ciphers need to be named as per the cipher suites in JSSE. See
http://java.sun.com/j2se/1.4.2/docs/guide/security/jsse/JSSERefGuide.html
Search the page for "Supported Cipher Suites". Also, I am pretty sure
they need to be comma separated.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat SSL Cipher Configuration
Posted by Edmund Urbani <em...@liland.org>.
Jojo Paderes wrote:
>Hi,
>
>I'm looking for some decent documentation and technical reference on
>how to configure Tomcat's SSL cipher. Say for example I want Tomcat to
>support a specific SSL cipher suite like Triple DES. Hope someone has done
>something like this already.
>
>I'm using Tomcat 5.5 btw.
>
>Thanks, Jojo
>
>
I may be mistaken here, but I don't think Tomcat does provide config
options for the actual ciphers used - at least not in server.xml. It
relies on the ciphers provided by the JDK. I think those can be
configured in the policy file. This might be useful for you:
http://java.sun.com/j2se/1.5.0/docs/guide/security/CryptoSpec.html
Edmund
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org