[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tomcat-user
Subject:    Re: Obsolete cypher suit
From:       Mark Thomas <markt () apache ! org>
Date:       2016-04-12 18:26:52
Message-ID: 570D3DEC.9040004 () apache ! org
[Download RAW message or body]

On 12/04/2016 19:11, Lyallex wrote:
> On 12 April 2016 at 18:06, Lyallex <lyallex@gmail.com> wrote:
>> apache-tomcat-7.0.42 as standalone web server
>> jdk1.7.0_45
>> Ubuntu 12.10
>>
>> Greetings
>>
>> I'm sure this is an old chestnut but it's got me stumped
>>
>> I just purchased and installed my first ever ssl certificate
>> I had it installed and apparently running in no time. I should of
>> course have been suspicious that it all went so smoothly
>> but I though it was about time I got a break ... no such luck.
>>
>> Clicking the padlock in chrome I get
>>
>> Your connection to 192.168.1.68 is encrypted using an obsolete cipher suit.
>>
>> The connection uses TLS 1.2.
>>
>> The connection is encrypted using AES_128_CBC with HMAC-SHA1 for
>> message authentication and ECDHE_RSA as the key exchange mechanism.
> 
> jdk1.8.0.77 fixed it
> 
> Should have know it was a Java (as opposed to Tomcat) problem
> 
> as you were

As of the next Tomcat 7 release, the SSL defaults have been improved so
a default configuration should not report any issues.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]