diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-26 00:02:29 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2011-08-26 00:02:29 +0000 |
commit | 4f6928cc0493ede41e90b6fa4e1cde570bd17336 (patch) | |
tree | f73d03580d02af6455a388366474cdc98c4e0819 /pki/base/tks/shared | |
parent | e90d291d9a737369587711eb6a879d700a3c5d7b (diff) | |
download | pki-4f6928cc0493ede41e90b6fa4e1cde570bd17336.tar.gz pki-4f6928cc0493ede41e90b6fa4e1cde570bd17336.tar.xz pki-4f6928cc0493ede41e90b6fa4e1cde570bd17336.zip |
Bugzilla 730146 - SSL handshake picks non-FIPS ciphers in FIPS mode
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@2180 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/tks/shared')
-rw-r--r-- | pki/base/tks/shared/conf/server.xml | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/pki/base/tks/shared/conf/server.xml b/pki/base/tks/shared/conf/server.xml index ff33b9aa4..6217ce1d9 100644 --- a/pki/base/tks/shared/conf/server.xml +++ b/pki/base/tks/shared/conf/server.xml @@ -128,11 +128,12 @@ Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) ocspMinCacheEntryDuration="60" ocspMaxCacheEntryDuration="120" ocspTimeout="10" + strictCiphers="false" clientAuth="[PKI_AGENT_CLIENTAUTH]" sslOptions="[TOMCAT_SSL_OPTIONS]" ssl2Ciphers="[TOMCAT_SSL2_CIPHERS]" ssl3Ciphers="[TOMCAT_SSL3_CIPHERS]" - tls3Ciphers="[TOMCAT_TLS3_CIPHERS]" + tlsCiphers="[TOMCAT_TLS_CIPHERS]" serverCertNickFile="[PKI_INSTANCE_PATH]/conf/serverCertNick.conf" passwordFile="[PKI_INSTANCE_PATH]/conf/password.conf" passwordClass="org.apache.tomcat.util.net.jss.PlainPasswordFile" @@ -146,11 +147,12 @@ Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) acceptCount="100" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" SSLImplementation="org.apache.tomcat.util.net.jss.JSSImplementation" + strictCiphers="false" clientAuth="false" sslOptions="[TOMCAT_SSL_OPTIONS]" ssl2Ciphers="[TOMCAT_SSL2_CIPHERS]" ssl3Ciphers="[TOMCAT_SSL3_CIPHERS]" - tls3Ciphers="[TOMCAT_TLS3_CIPHERS]" + tlsCiphers="[TOMCAT_TLS_CIPHERS]" serverCertNickFile="[PKI_INSTANCE_PATH]/conf/serverCertNick.conf" passwordFile="[PKI_INSTANCE_PATH]/conf/password.conf" passwordClass="org.apache.tomcat.util.net.jss.PlainPasswordFile" @@ -163,11 +165,12 @@ Tomcat Port = [TOMCAT_SERVER_PORT] (for shutdown) acceptCount="100" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" SSLImplementation="org.apache.tomcat.util.net.jss.JSSImplementation" + strictCiphers="false" clientAuth="false" sslOptions="[TOMCAT_SSL_OPTIONS]" ssl2Ciphers="[TOMCAT_SSL2_CIPHERS]" ssl3Ciphers="[TOMCAT_SSL3_CIPHERS]" - tls3Ciphers="[TOMCAT_TLS3_CIPHERS]" + tlsCiphers="[TOMCAT_TLS_CIPHERS]" serverCertNickFile="[PKI_INSTANCE_PATH]/conf/serverCertNick.conf" passwordFile="[PKI_INSTANCE_PATH]/conf/password.conf" passwordClass="org.apache.tomcat.util.net.jss.PlainPasswordFile" |