Apache Tomcat
In IT Services we have a small number of Tomcat servers, so thought it worthwhile providing the server.xml settings in case they're of use to others. However, note that:
- These settings have not been tested on a wide range of servers, and different settings may well be needed for different Java/Tomcat versions.
- The ciphers statement below is intended as a single line, but this doesn't fit on the web page.
SSLEnabled="true"
SSLProtocol="TLS"
Protocols="SSLv2Hello,TLSv1"
ciphers="TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA"