Re: Trimming Accepted Ciphers

2015-06-02 Thread Robert Paasche
ly do:

openssl ciphers -v 'EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA:EECDH:EDH+AESGCM:EDH:+3DES:ECDH+AESGCM:ECDH+AES:ECDH:AES:HIGH:MEDIUM:!RC4:!CAMELLIA:!SEED:!aNULL:!MD5:!eNULL:!LOW:!EXP:!DSS:!PSK:!SRP'

Best,
rob

Robert Paasche Senior Developer pripares GmbH Altheimer Eck 2 8033

Re: Time for 7.0.60

2015-03-10 Thread Robert Paasche
size of the private-key, otherwise the Cipher has a length of only 512 or 1024 bits. Is it possible to release this fix within Tomcat 7.0.60? thanks, Robert

Unsecure use of DH-Cipher

2015-03-10 Thread Robert Paasche
ound on: http://security.stackexchange.com/a/42816 Best, Robert

Re: Unsecure use of DH-Cipher

2015-03-10 Thread Robert Paasche
A DH Cipher of length 2048 bits uses a prime of 256 so even a private key of 8192 bits should match the requirements of Java 7.

Example:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits (p: 256, g: 1, Ys: 256)
p = prime

Re: Unsecure use of DH-Cipher

2015-03-10 Thread Robert Paasche
Sorry, some mails do not reach the list, I will add the information inline:

2015-03-10 18:23 GMT+01:00 Christopher Schultz :
> Robert,
>
> On 3/10/15 12:16 PM, Robert Paasche wrote:
> > The problem is, that openssl calls the method "SSL_callback_tmp_DH" with
> > ke