First of all, thanks for the time reading this.
I have a questions about a scan of my site:
This show me two warnings:
Thissite is intolerant to newer protocol versions, which might cause connectionfailures.
This site supports only older protocol versions, but not the most recent and moresecure TLS 1.2.
Can you explain this? i scan my site too with qualys guard and take and advice about disable weak cipher in tomcat:
But still give me the SSL/TLS use of weak RC4 cipher.
Who can disable RC4 in tomcat??, i have a oracle solution (weblogic).
to take away the warning i should enable TLS 1.2?? who this is possible in tomcat?.
Additionly SSL Scan says me that i have 4 certificates, and one of them say this:
VeriSign / Class 3 Public Primary Certification Authority In trust store
Tue Aug 01 23:59:59 UTC 2028 (expires in 14 years and 8 months)
RSA 1024 bits
VeriSign / Class 3 Public Primary Certification Authority Self-signed
MD2withRSA Weak, but not insecure on a self-signed cert
Where ssl scan take that information?? and what is "In Trus Store"?? SecureRenegotiation says that ACTION NEEDED, Who this enable in tomcat?.