[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ftpapi] BREAKTHROUGH (but not solved) Re: Problem: (GSKit) No compatible cipher suite available between SSL end points.



On 10/9/17, 2:19 PM, Christopher Schultz (Tomcat List guru) wrote (with regard to a "ciphers" clause in a connector tag):
. . .
You need to list everything.
. . .

Ok. I really didn't need a command-line tool (thanks, though, on behalf of whoever actually does end up needing one); just an example, and I found one at https://tinyurl.com/y9aqpkvm

Based on that example, I then pulled up the "Configured ciphers per connector" page on the TC 8.5 server, and copied and pasted all of them into a new ciphers clause on my connector tag, and then copied and pasted TLS_RSA_WITH_AES_256_CBC_SHA in at the end, from a copy of the SSLInfo output. After restarting Tomcat, "TLS_RSA_WITH_AES_256_CBC_SHA" appeared in the "Configured ciphers" page, and the AS/400 was able to access the server.

Thanks, Messrs. Schultz, Kreuser, Thomas of the Tomcat List, and Messrs Stone and Klement of the HTTPAPI List.

--
JHHL

--
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi