You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Nikitha Benny <ni...@gmail.com> on 2016/05/16 04:42:07 UTC
Enabling Tomcat to be FIPS compliant.
Hello Everyone,
I am using JRE 1.8.060 and tomcat 7.00.068 ,after enabling the FIPS mode
and performing the steps to create a certificate(PKCS12 format). I was able
to access the tomcat home page using HTTPS
But when I was using the same JRE 1.8.060 with tomcat 7.00.069 and then
enabling the FIPS and performing the steps to create a certificate I am
unable to access the tomcat home page using HTTPS.I got an error saying : “This
site can’t provide a secure connection,uses an unsupported protocol,
ERR_SSL_VERSION_OR_CIPHER_MISMATCH”.
Later I added Ciphers in server.xml.ovtemplate and try loading the page
using Https and the page loaded successfully.
May I know why I should add ciphers to server.xml.ovtemplate for tomcat
7.00.069 but not for 7.00.068 to open in HTTPS ?
Re: Enabling Tomcat to be FIPS compliant.
Posted by Violeta Georgieva <mi...@gmail.com>.
Hi,
2016-05-16 7:42 GMT+03:00 Nikitha Benny <ni...@gmail.com>:
>
> Hello Everyone,
>
>
> I am using JRE 1.8.060 and tomcat 7.00.068 ,after enabling the FIPS mode
> and performing the steps to create a certificate(PKCS12 format). I was
able
> to access the tomcat home page using HTTPS
>
>
> But when I was using the same JRE 1.8.060 with tomcat 7.00.069 and then
> enabling the FIPS and performing the steps to create a certificate I am
> unable to access the tomcat home page using HTTPS.I got an error saying :
“This
> site can’t provide a secure connection,uses an unsupported protocol,
> ERR_SSL_VERSION_OR_CIPHER_MISMATCH”.
>
> Later I added Ciphers in server.xml.ovtemplate and try loading the page
> using Https and the page loaded successfully.
>
>
>
> May I know why I should add ciphers to server.xml.ovtemplate for tomcat
> 7.00.069 but not for 7.00.068 to open in HTTPS ?
Check Tomcat 7.0.69 changelog
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
Regards,
Violeta