How can I programmatically restrict the available ciphers in embedded Tomcat?
In other words what is the programmatic equivalent of
<connector ciphers="...">
Asked
Active
Viewed 347 times
0
Axel Fontaine
- 34,542
- 16
- 106
- 137
-
What does your driver code look like already? Are you manually configuring a `Connector`? – Christopher Schultz May 21 '15 at 17:15
-
Yes, I am configuring a connector – Axel Fontaine May 22 '15 at 17:35
1 Answers
0
It looks like that's a setting that doesn't have a direct Connector.set*Foo* method. Try this:
Connector conn = ...;
conn.setProperty("Ciphers", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, ...");
If you are using Tomcat 8, you can also use OpenSSL syntax, even when using a JSSE-based connector. See the "Ciphers" section of http://tomcat.apache.org/tomcat-8.0-doc/config/http.html for more information.
Christopher Schultz
- 20,221
- 9
- 60
- 77