Page History
...
- Open the
<PRODUCT_HOME>/repository/conf/tomcat/
file.catalina-server.xml
- Make a backup of the
catalina-server.xml
file and stop the WSO2 product server. Add the
cipher
attribute to the existing configuration in thecatalina-server.xml
file by adding the list of ciphers that you want your server to support as follows:ciphers="<cipher-name>,<cipher-name>"
. For example,
Code Block For Tomcat version 7.0.59 and JDK version 1.7: ciphers="SSLTLS_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHEECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_3DESAES_EDE128_CBC_SHASHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHASHA256,TLS_DHEECDHE_RSAECDSA_WITH_AES_128_CBC_SHA, TLSTLS_ECDHE_RSA_WITH_AES_256128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256128_CBC_SHA" For Tomcat version 7.0.59 and JDK version 1.8: ciphers="SSLTLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_RC4AES_128_CBC_MD5SHA256,SSLTLS_DHE_RSA_WITH_RC4AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
- Start the server.
To verify that the configurations are all set correctly, download and run the TestSSLServer.jar.
Code Block $ java -jar TestSSLServer.jar localhost 9443
- Note that in the output that you get, the section "Supported cipher suites" does not contain any export ciphers.
...
Overview
Content Tools
Activity