Jean-Ferderic,
On 7/9/21 07:55, jean-frederic clere wrote:
On 09/07/2021 12:38, Mark Thomas wrote:
On 09/07/2021 11:08, jean-frederic clere wrote:
Hi,
I think we need the same fix in tomcat or I missed something?
If we need it I will work on it next week ;-)
To clarify, you mean checking Tomcat can (and implementing if it
can't) the ability to configure supported SSL protocols per virtual host.
Yes.
We should have most of this in SSLHostConfig but I don't recall ever
testing this behaviour specifically.
Just as a reminder, both <Host .../> elements and <SSLHostConfig .../>
are likely to be required as the are configured separately.
Quick test and code review seems to show it is not working (I tested the
apr connector and 9.0.x).
Can you post a sample config?
I assume you mean:
1. Define two <Host>, configure for TLS
a. One attempting to use e.g. only TLSv1
b. One attempting to use e.g. only TLSv1.2
2. Run a protocol-checker against both hosts
Result is that host (a) supports not-only TLSv1 and/or host (b) supports
not-only TLSv1.2?
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
