How to disable SSLv3 from Tomcat and define which protocols should be used?
Tomcat has server.xml file which can configured to use required protocols by editing/adding following attributes to connector element: ..\Ubisecure\ubilogin-sso\ubilogin\custom\tomcat\server.xml or ..\Ubisecure\ubilogin-sso\ubilogin\config\tomcat\conf\server.xml if custom\tomcat doesn’t contain the file.
<Connector port="8443" scheme="https" secure="true" proxyName="sso.example.com" proxyPort="8443" maxThreads="150" protocol="HTTP/1.1" useBodyEncodingForURI="true" maxHttpHeaderSize="65536" SSLEnabled="true" sslProtocol="TLS" clientAuth="false" sslEnabledProtocols=”TLSv1.1,TLSv1” … /> After changes run tomcat/update.cmd |
Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.
|