SSL IE vs Opera war

[Max Sevenfold <ma...@gmail.com>]

Hello,

Opera dislikes low encryption. It works only when I add

           ciphers="TLS_RSA_WITH_AES_256_CBC_SHA"

But it stops IE 7.
IE 7 uses

TSL_RSA_WITH_RC4_128_MD5

We tries following so far

           ciphers="TLS_RSA_WITH_AES_256_CBC_SHA,TSL_RSA_WITH_RC4_128_MD5"
           ciphers="TSL_RSA_WITH_RC4_128_MD5,TLS_RSA_WITH_AES_256_CBC_SHA"
           ciphers="TLS_RSA_WITH_AES_256_CBC_SHA,ALL"

Server responds Handshake Filure when IE 7 connects.

IE 7 works with

ciphers="TSL_RSA_WITH_RC4_128_MD5"
or with no ciphers attribute.

It seems to be Tomcat error as it does not wish to select 
TSL_RSA_WITH_RC4_128_MD5 when IE 7 connects.
or select Opera's favorite TLS_RSA_WITH_AES_256_CBC_SHA when Opera connects.

Is there any solution?

I have Tomcat 6.0.14 with no APR and no NIO.
I use Java 6 u3 or u4 with Strong Encryption.


    <Connector port="6443" protocol="HTTP/1.1" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true"
           keystoreFile="conf/keystore.tomcat"
           keystorePass="changeit"
           keystoreType="PKCS12"
           clientAuth="false" sslProtocol="TLS"
                                            
           ciphers="TSL_RSA_WITH_RC4_128_MD5,TLS_RSA_WITH_AES_256_CBC_SHA"
          
           compression="on"
           compressionMinSize="2048"
           noCompressionUserAgents="gozilla, traviata"
           
compressableMimeType="text/html,text/xml,text/javascript,text/css,text/javascript,text/plain"
           />




Thanks,
Max




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org