0

I have configured ssl on tomcat, and dislabled tls support on IE, and enabled ssl support, but still i get erro message saying

Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings

Tomcat setting 

 <Connector
       protocol="org.apache.coyote.http11.Http11NioProtocol"
       port="8443" maxThreads="200"
       scheme="https" secure="true" SSLEnabled="true"
       keystoreFile="C:\OpenSSL\bin\PAS\keystore.jks"   keystorePass="******"
       clientAuth="false" sslProtocol="SSLV3"/>
Juniad Ahmed
  • 155
  • 3
  • 14
  • What java version are you using? From java8 update 31 and up SSLv3 is disabled by default for security reasons, so you [need to manually enable it](http://stackoverflow.com/questions/28236091/how-to-enable-ssl-3-in-java), but you really shouldn't. These old SSL versions need to die. – mata May 10 '16 at 06:55
  • This doesn't answer your question, but: SSLv3 is deprecated for a reason. You should not use it. Browsers are *removing support* for SSL so that in the future, you won't even have the *option* to use it. Do you have an exceptionally good reason for knowingly using a deprecated, insecure protocol when better alternatives are available? – Wyzard May 10 '16 at 06:57
  • Hello Wyzard, I want to use SSLv3 support fo r testing, i need to make sure that and capture sslv3 support before and after screenshots, I am using java 8, SO how do i enable SSLV3 for java 8? – Juniad Ahmed May 10 '16 at 07:20
  • Don't waste your time and use at least TLS 1.0. There is nothing to test with SSL 3.0. – Michael-O May 10 '16 at 20:22

1 Answers1

0

You are confusing the sslProtocol configuration directive with sslEnabledProtocols. Please have a look at the Tomcat Configuration Guide for the difference between these two attributes.

In short:

  • sslProtocol is used to choose the engine to be used. Choosing SSL or TLS will essentially give you the same behavior
  • sslEnableProtocols chooses which exact protocols will be used for handshahkes (e.g. SSLv3, TLSv1.2, etc.)
Christopher Schultz
  • 20,221
  • 9
  • 60
  • 77