仅在apache-tomcat-9和Java 8中启用TLS 1.2 [英] Enable TLS 1.2 only in apache-tomcat-9 and Java 8
问题描述
我已经在Apache Tomcat 9.x.x中部署了Web应用程序,并且对于Java有两种选择
I have deployed my web application in Apache Tomcat 9.x.x and I have two options for Java
- Openjdk版本1.8.x
- Oracle Java 1.8.x
我只需要允许使用TLS 1.2.
I need to allow TLS 1.2 only.
请帮助指导我实现这一目标.
Please help guide me to achieve this.
我尝试了以下链接(不确定它们是否过时).
I have tried to follow the following links(Not sure if they are outdated).
但是> https://www.ssllabs.com/ssltest/analyze.html?d = <<我的公共IP >>说:TLS 1.1&TLS 1.0仍处于启用状态.
But https://www.ssllabs.com/ssltest/analyze.html?d=<< my public IP >> says : TLS 1.1 & TLS 1.0 are still enabled.
如何在Apache tomcat 8中启用TLS v1.2,我正在使用Java 8
Tomcat是否支持TLS v1.2?(提到的两个步骤 oraclesoon 似乎无效)
Does Tomcat support TLS v1.2? (The two steps mentioned by oraclesoon doesn't seem to work)
Also HOW TO -- Disable weak ciphers in Tomcat 7 & 8 says sslProtocol is no longer used in java 8
推荐答案
我使用tomcat 9.0.14和JSSE.它工作正常.(使用TLSV1.1和TLSV1.2)
I use tomcat 9.0.14 and JSSE. it works fine. (using TLSV1.1 and TLSV1.2)
<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true">
<SSLHostConfig protocols="TLSv1.1,TLSv1.2">
<Certificate certificateKeystoreFile="conf/keystore.jks"
type="RSA" />
</SSLHostConfig>
</Connector>
请参阅: https://tomcat.apache.org/tomcat-9.0-doc/config/http.html#SSL_Support
这篇关于仅在apache-tomcat-9和Java 8中启用TLS 1.2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
