Tomcat APR connector and POODLE -

-

I have an APR + SSL connector Tomket 7.0 running some production server and recently caused me crazy attack asked was to completely disable SSLv3 in some of these servers I opened through the document and accordingly, SSLProtocol to TLSv1 ( instead should be sufficient to disable SSLv3 and apply TLSv1.

The problem is that TLSv1 does not reject but the server SSLv3 seems to enable TLS. I got it openssl s_client -connect -ssl3 and I verified that plain-old SSLv3 connection can still be accepted , So I was thinking that this is a bug in tomcat or if there is anything else that requires me to disable SSLv3 completely set.

UPDATE: I now Disabled APR for and use an NIO connector with sslProtocol = "TLS" New disabled and it works fine. The problem especially affects the APR. For reference, this is my new connector configuration: 

  & lt; Connector port = "443" protocol = "org.apache.coyote.http11.Http11NioProtocol" SSLEnabled = "true" maxThreads = "500" scheme = "https" secure = "true" C LientAuth = "false" keystoreFile = "/ etc / Keys / ***. Ks "keystorePass =" **** "SSL Protocol =" TLS "sslEnabledProtocols =" TLSv1.1, TLSv1.2 "/> It seems that while using APR connector with TLS, SEL has the ability to completely disable. Still a work in progress. Check out this link for more information: specifically comment # 37  
 The good news is that it will be fixed in the next release of Tomcat and Tommat's original. Comment # 39 See:  
  r1632593 and Tisianatti -1.1. X will be fixed R1632595 Tisianatti in Tisianetiv-trunk 1.1.32  
 
 and comment # 40 : 
 
  Tomket-trunk will be fixed Tomk 8.0.15 in r1632604 be fixed Tomket 7.0.57 R 1,632,606 in Tomket 7
< / Html>

Comments

Post a Comment

Popular posts from this blog

winforms - C# Form - Property Change -

-
I have a form that has a property named car A class with many properties. The Properties is being displayed on the current car on the basis of some user actions that are being displayed. So I have to know whether the property has been allocated or set to zero. I'm aware of INotifyPropertyChanged , but in my case I'm not sure that since this change I have changed my car properties car do not want to monitor the property. Any idea how to accomplish this? In advance thank you If you have created a true asset in your class then You should be a great and setter, you can add the code directly to the form property in order to take action on the basis of "form": Public partial category Form 1: form {public form 1 () {InitializeComponent (); } // define car square public class car {public string name = string. Empty; } // private car to keep the value of the current car private variable _car = null; // Property of public form which you can ru...
Read more

javascript - amcharts makechart not working -

-
I am trying to create an amiratars serial chart on my Durandal single page application. This chart was working fine on Chrome browser but it is not working on IE. Can you please help me in this regard. Error while using Amcharts. The Macchart () method does not support the object in this object in IE.
Read more

java - Algorithm negotiation fail SSH in Jenkins -

-
I am trying to do SSH on the local server from Jenkins, but the following error has been thrown: [SSH] Exception: Algorithm negotiation fail com.jcraft.jsch.JSchException: algorithm talk com.jcraft.jsch.Session.receive_kexinit (Session.javaatar20) at com.jcraft.jsch.Session.connect (Sesson at com.jcraft.jsch.Session.connect (Session.java:150) at org.jvnet.hudson.plugins.SSHSite.createSession (SSHSite.java:141) on failed failed org.jvnet.hudson.plugins. java: 286) .SSHS on org.jvnet.hudson.plugins.SSHBuildWrapper.executePreBuildScript (SSHBuildWrapper.java:75) on Org.jvnet.hudson.plugins.SSHBuildWrapper.setUp (SSHBuildWrapper.java59) ite.executeCommand (SSHSite.java151) on hudson.model.Build $ BuildExecution.doRun hudson.model.AbstractBuild $ AbstractBuildExecution.run (AbstractBuild.java:533) to (Build.java:154) hudson.model.Run.execute ( Run.java:1754) in ended .model.FreeStyleBuild.run (FreeStyl hudson.model.ResourceController.execute (ResourceController.java:89) on hudson.mod...
Read more