Tomcat SSL Fails SSL-LABS Sacan

Posted by Wilmer on Server Fault See other posts from Server Fault or by Wilmer
Published on 2012-12-16T01:39:57Z Indexed on 2012/12/16 5:07 UTC
Read the original article Hit count: 166

Filed under:
|
|

I have installed an SSL for power2process.net but when i scan it with SSL-labs it ails for PCI compliancy: SSL_labs Scan

Here is the portion of my SSL Connector in the server.xml

Connector port="443" maxhttpheadersize="8192" address="127.0.0.1" enablelookups="false"
protocol="org.apache.coyote.http11.Http11Protocol"
disableUploadTimeout="true" acceptCount="100"
slProtocol="SSLv3+TLSv1"
ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"

   maxThreads="150" connectionTimeout="20000"
   SSLEnabled="true" scheme="https" secure="true"
   keystoreFile="/export/home/webadm/tomcat/conf/.keystore"
   keystorePass="*******"
   clientAuth="true"
   URIEncoding="UTF-8" compression="on"/>

the JRE version is "1.6.0_10"

© Server Fault or respective owner

Related posts about ssl

Related posts about tomcat