You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Thiago Silva <th...@gmail.com> on 2007/06/06 18:50:32 UTC
Cipher suites
Hello,
I was wondering if is there any way to force the use of a specific cipher
suite. I need to do some analyses in many cipher suites, that is why I need
to do that.
I have tried to use the tag "ciphers" in the following part of the
Server.xml, but it did not used the specific cipher suite that I have set.
code:
------------------------------
<Connector port="8443" maxHttpHeaderSize="8192" ciphers="RSA_RC4_ 128_ MD5"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
------------------------------
Instead of RSA_RC4_128_MD5 I got RSA_RC4_128_SHA.
I have a j2me client that makes connections in tomcat using https.
Any ideas?
Re: Cipher suites
Posted by Bill Barker <wb...@wilshire.com>.
"Thiago Silva" <th...@gmail.com> wrote in message
news:af37859b0706060950t1db062deqfec52f6f5d2e759e@mail.gmail.com...
> Hello,
>
> I was wondering if is there any way to force the use of a specific cipher
> suite. I need to do some analyses in many cipher suites, that is why I
> need
> to do that.
>
> I have tried to use the tag "ciphers" in the following part of the
> Server.xml, but it did not used the specific cipher suite that I have set.
>
My guess it that you are using the APR Connector. Can you post the results
from the Connector startup from your logs?
> code:
> ------------------------------
>
> <Connector port="8443" maxHttpHeaderSize="8192" ciphers="RSA_RC4_ 128_
> MD5"
> maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
> enableLookups="false" disableUploadTimeout="true"
> acceptCount="100" scheme="https" secure="true"
> clientAuth="false" sslProtocol="TLS" />
>
> ------------------------------
>
>
>
> Instead of RSA_RC4_128_MD5 I got RSA_RC4_128_SHA.
>
> I have a j2me client that makes connections in tomcat using https.
> Any ideas?
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Cipher suites
Posted by Thiago Silva <th...@gmail.com>.
I am not using spaces in the real file. It is just a mistake when I copied
and pasted.
Is this the the only way to force the use of an specific cipher suite? Has
anybody ever done this before?
On 6/7/07, Christopher Schultz <ch...@christopherschultz.net> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Thiago,
>
> Thiago Silva wrote:
> > I have tried to use the tag "ciphers" in the following part of the
> > Server.xml, but it did not used the specific cipher suite that I have
> set.
> >
> > code:
> > ------------------------------
> >
> > <Connector port="8443" maxHttpHeaderSize="8192" ciphers="RSA_RC4_ 128_
> MD5"
>
> Is the space in there intentional?
>
> You have: "RSA_RC4_ 128_ MD5"
> You need: "RSA_RC4_ 128_MD5" (probably)
>
> - -chris
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.7 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFGaByU9CaO5/Lv0PARAnuHAKCHcFJWdLtqbSJ4r57P7BcjT+PDLgCfawIu
> FgCu2eMjRZwpW9YG8N1k1Hw=
> =WB8G
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
/*-------------------------------
Thiago - Pedpano -
-------------------------------*/
Re: Cipher suites
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thiago,
Thiago Silva wrote:
> I have tried to use the tag "ciphers" in the following part of the
> Server.xml, but it did not used the specific cipher suite that I have set.
>
> code:
> ------------------------------
>
> <Connector port="8443" maxHttpHeaderSize="8192" ciphers="RSA_RC4_ 128_ MD5"
Is the space in there intentional?
You have: "RSA_RC4_ 128_ MD5"
You need: "RSA_RC4_ 128_MD5" (probably)
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGaByU9CaO5/Lv0PARAnuHAKCHcFJWdLtqbSJ4r57P7BcjT+PDLgCfawIu
FgCu2eMjRZwpW9YG8N1k1Hw=
=WB8G
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org