You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2013/09/09 09:00:29 UTC

[Bug 55537] add support for TLS1.1 and TLS1.2 excluding TLS1.0 (BEAST attack)

https://issues.apache.org/bugzilla/show_bug.cgi?id=55537

Ognjen Blagojevic <og...@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 OS|                            |All

--- Comment #1 from Ognjen Blagojevic <og...@gmail.com> ---
(In reply to Ralf Hauser from comment #0)
> In http://tomcat.apache.org/tomcat-6.0-doc/config/http.html#SSL%20Support,
> the "sslProtocol" attribute would have to be String[], i.e. e.g. comma
> separated protocol list

You created bug for Tomcat 7, but you are quoting Tomcat 6 docs.

HTTPS connector in Tomcat 7 has attribute sslEnabledProtocols by which you may
specify only desired protocols, e.g. TLS 1.1 and TLS 1.2.

The same attribute in Tomcat 6 is called "protocols", but it is undocumented.
Take a look at the bug 54691.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org