![]() ![]() UVFtPabu8b4h9UjcnxffU7MMS5Xu1Ag16aWw3CtEi/JOtkRvJr1RQ+wrn2uWJ/tv KfQhIs+F8vY0a6Ua+aiiymXa05NA9P8xu5rO1R48xDvJ+lTGODYUGBQxLcr7eZ2M X7dh4iJ/AgMBAAGjUDBOMB0GA1UdDgQWBBRyiAZrwV50C6AxabY6e55QIS1i6jAfīgNVHSMEGDAWgBRyiAZrwV50C6AxabY6e55QIS1i6jAMBgNVHRMEBTADAQH/MA0GĬSqGSIb3DQEBCwUAA4IBAQCdrlJbeDgmjpKaexXGU6tn2xQjtyz4xQGmHkcwjLzpĬW3Ixo+DwKKQaHDRhqyrKXGEU7Vbe1rXfX6ouF5z5vutLri4N0WHhZ12O8WI3SqX Yc7KJuOuq96j7LtJFcHFPDqU0F4gUAoHaim39YtqCQSWXwd4eCBFVv9v3UWX+cS0ĭFOe8AT0eeAzeAxfzE1LC3yT2H+3ALq55/CLSQxIPrQ9U+uPY9+p/duJ7IF6bJJMĭXGZ1ua0u4UbNc1EB9pkN6jO/iCAvB2CLQC6Gyi6+8圜FzZ14HJmHtaEbYpey0BAģcm2y4FQCU3AqfVJk0k4E21Go1y8Dj59gr/dsk2A3KQXB3SdKgVZyc6r4GctQavVĭo4SfXAAHvkHFXVBOQtNvukb+SNf+0XoRytVkzDoTZ6+lkmvVvryVQOrRT3gu5R/ MIIC7TCCAdWgAwIBAgIJAMsPhhsmv/jdMA0GCSqGSIb3DQEBCwUAMA0xCzAJBgNVīAYTAkdCMB4XDTIwMDUwOTE0MjcxOVoXDTIwMDYwODE0MjcxOVowDTELMAkGA1UEīhMCR0IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDkDA80QKNRRGW Verify error:num=10:certificate has expired ![]() Verify error:num=18:self signed certificate The output of this command should return an SSL certificate, and look like this: CONNECTED(00000003) To validate that TLS 1.2 remains enabled, run the following command: openssl s_client -connect localhost:8443 -tls1_2 SSL handshake has read 7 bytes and written 0 bytes To confirm that TLS 1.1 has been disabled, run the following command: openssl s_client -connect localhost:8443 -tls1_1īoth commands should return outputs of this kind: ~]$ openssl s_client -connect localhost:8443 -tls1_1ġ40677227890576:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:s3_pkt.c:1493:SSL alert number 70ġ40677227890576:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:659: To confirm that TLS 1 has been disabled, run the following command: openssl s_client -connect localhost:8443 -tls1 If you wish to specify another value, that value must be a valid engine name.Īn example of APR configuration looks like the block below. Make sure the SSLEngine attribute is set to a value other than off. Tomcat needs to be restarted after making changes to the sever.xml file.įor these instructions, the APR implementation is required.Default server.xml files have this property defined, which isn't the same as below because of case sensitivity: sslProtcol="TLS". The properties mentioned are case-sensitive. ![]() The file that needs to be edited is /etc/tomcat8/server.xml. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |