You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2014/01/01 17:30:45 UTC
[Bug 55944] New: TLS v1.2 not working in Tomcat 6 and 7
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
Bug ID: 55944
Summary: TLS v1.2 not working in Tomcat 6 and 7
Product: Tomcat 7
Version: 7.0.47
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: Connectors
Assignee: dev@tomcat.apache.org
Reporter: withmudassir@gmail.com
Hi Guys,
I need TLSv1.2 support for tomcat, can any one help me by providing TLS v1.2
patch, also where should i actually apply the patch, in JDK / Tomcat / Tomcat
Native ??
Also what will be the preferable connector settings ?
Regards,
Mudassir Aftab
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
Mudassir Aftab <wi...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Priority|P2 |P1
CC| |withmudassir@gmail.com
OS| |Linux
Severity|normal |blocker
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
--- Comment #2 from Mudassir Aftab <wi...@gmail.com> ---
Hi Mark,
This is not the support request, this is the a in tomcat, according to official
forums, TLS1.2 is working in Tomcat apache-tomcat-6.0.36 but it is not working
for me, i have applied many patches posted in this bugzilla but not nothing
worked for me
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
Mudassir Aftab <wi...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|INVALID |WONTFIX
--- Comment #4 from Mudassir Aftab <wi...@gmail.com> ---
before closing this, can you please confirm that any version of TOMCAT from 6/7
support TLS 1.2 ????
Mudassir
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
--- Comment #7 from Mark Thomas <ma...@apache.org> ---
You have already been directed to the users list for further assistance. If you
continue to ignore this advice then your Bugzilla account will be disabled.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
--- Comment #3 from Chuck Caldarale <ch...@unisys.com> ---
(In reply to Mudassir Aftab from comment #2)
> TLS1.2 is working in Tomcat apache-tomcat-6.0.36 but it is
> not working for me
Which clearly indicates you're doing something wrong and should post your query
on the support mailing list.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
--- Comment #6 from Mudassir Aftab <wi...@gmail.com> ---
I am using following connector in Apache Tomcat/7.0.42
<Connector port="8443"
protocol="HTTP/1.1"
maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/home/mudassir/pay/p.pem"
SSLCertificateKeyFile="/home/mudassir/p/p-key.pem"
sslEnabledProtocols="TLSv1.2"
SSLCACertificateFile="/home/mudassir/p/AdminCA1.pem" />
An error occurred during a connection to confidential.com:8443. Cannot
communicate securely with peer: no common encryption algorithm(s). (Error code:
ssl_error_no_cypher_overlap)
CRITICAL - Cannot make SSL connection
140441642727072:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure:s23_clnt.c:724:
HTTP CRITICAL - Error on receive
root@confidential:/opt/tomcat7#
I have tried 7.0.42 . 7.0.47 ,6.0.36 and 6.0.37 but nothing helped me yet. Can
you please help me on this ?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
--- Comment #8 from Mudassir Aftab <wi...@gmail.com> ---
(In reply to Mudassir Aftab from comment #6)
> I am using following connector in Apache Tomcat/7.0.42
>
> <Connector port="8443"
> protocol="HTTP/1.1"
> maxThreads="200"
> scheme="https" secure="true" SSLEnabled="true"
> SSLCertificateFile="/home/mudassir/p/p.pem"
> SSLCertificateKeyFile="/home/mudassir/p/p-key.pem"
> sslEnabledProtocols="TLSv1.2"
> SSLCACertificateFile="/home/mudassir/p/AdminCA1.pem" />
>
> An error occurred during a connection to confidential.com:8443. Cannot
> communicate securely with peer: no common encryption algorithm(s). (Error
> code: ssl_error_no_cypher_overlap)
>
>
> CRITICAL - Cannot make SSL connection
> 140441642727072:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3
> alert handshake failure:s23_clnt.c:724:
> HTTP CRITICAL - Error on receive
> root@confidential:/opt/tomcat7#
>
> I have tried 7.0.42 . 7.0.47 ,6.0.36 and 6.0.37 but nothing helped me yet.
> Can you please help me on this ?
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN
9757/java
Jan 01, 2014 5:37:54 PM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.27 using APR version
1.4.6.
Jan 01, 2014 5:37:54 PM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false],
random [true].
Jan 01, 2014 5:37:54 PM org.apache.catalina.core.AprLifecycleListener
initializeSSL
INFO: OpenSSL successfully initialized (OpenSSL 1.0.1e 11 Feb 2013)
Jan 01, 2014 5:37:55 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-8443"]
Jan 01, 2014 5:37:55 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-apr-8009"]
Jan 01, 2014 5:37:55 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2588 ms
Jan 01, 2014 5:37:55 PM org.apache.catalina.core.StandardService startInternal
INFO: Starting service Catalina
Jan 01, 2014 5:37:55 PM org.apache.catalina.core.StandardEngine startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.42
Jan 01, 2014 5:37:55 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive /opt/tomcat7/webapps/confidential.war
Jan 01, 2014 5:37:59 PM org.hibernate.annotations.common.Version <clinit>
INFO: HCANN000001: Hibernate Commons Annotations {4.0.2.Final}
Jan 01, 2014 5:37:59 PM org.hibernate.Version logVersion
INFO: HHH000412: Hibernate Core {4.2.4.Final}
Jan 01, 2014 5:37:59 PM org.hibernate.cfg.Environment <clinit>
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
Bugzilla is not a support forum. Please use the Tomcat users mailing list.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 55944] TLS v1.2 not working in Tomcat 6 and 7
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=55944
Chuck Caldarale <ch...@unisys.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|WONTFIX |INVALID
--- Comment #5 from Chuck Caldarale <ch...@unisys.com> ---
(In reply to Mudassir Aftab from comment #4)
> before closing this, can you please confirm that any version of TOMCAT from
> 6/7 support TLS 1.2 ????
Of course it does.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org