1. Suporte
  2. Base de Conhecimento
  3. 2. Technical questions
  4. How to disable weak ciphers in Tomcat?

Base de Conhecimento

How to disable weak ciphers in Tomcat?  Imprimir este Artigo

In order to disable weak ciphers, please modify your SSL Connector, container attribute inside server.xml with the following information:
ciphers="SSL_RSA_WITH_RC4_128_SHA,

TLS_RSA_WITH_AES_128_CBC_SHA,

TLS_DHE_RSA_WITH_AES_128_CBC_SHA,

TLS_DHE_DSS_WITH_AES_128_CBC_SHA,

SSL_RSA_WITH_3DES_EDE_CBC_SHA,

SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,

SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"















Example:
maxHttpHeaderSize="8192"
address="192.168.1.1"
enableLookups="false"
disableUploadTimeout="true"
acceptCount="100"
scheme="https"
secure="true"
clientAuth="false"
sslProtocol="SSL"
ciphers="SSL_RSA_WITH_RC4_128_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
keystoreFile="SomeDir/SomeFile.key"
keystorePass="Poodle"
truststoreFile="SomeDir/SomeFile.truststore"
truststorePass="HomeRun"/>






















Esta resposta lhe foi útil?

Artigos Relacionados

Java Keytool: commands
Deleting a certificate:  keytool -delete -alias aliasname List all of the...
How do I make my own bundle file from CRT files?
You may do this using you favorite text editor or by using the command line.Example: #...
Convert certificates formats (PEM/P7B/PFX/DER)
You can change certificate format using OpenSSL commands or SSL Converter tool. The...
Changing .crt file into the .cer format
Double-click on the yourwebsite.crt file to open it into the certificate display. In a new...
Converting .pfx file for use with Apache
Run the following command with open SSL:  openssl pkcs12 -in mypfxfile.pfx -out...

  Tag da núvem

AWS Installation Managed SSL

  Suporte

  Meus Tickets de Suporte   Anúncios   Base de Conhecimento   Downloads   Status da Rede   Abrir Ticket