https://bz.apache.org/bugzilla/show_bug.cgi?id=59209
--- Comment #6 from Huxing Zhang <huxing.zh...@gmail.com> --- Hi, I think specifying cipher suites is another solution, but may be more complicate, because: 1) we don't know what http version client will use, HTTP/1.x over TLS or HTTP/2 over TLS 2) different client may support different protocols, e.g. ECDHE-ECDSA-CHACHA20-POLY1305 is only supported by Chrome You have to care about the cipher list, as well as the cipher order. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
