AnsweredAssumed Answered

Tomcat7: SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability

Question asked by Pavel Bernshtam on Nov 25, 2014
Latest reply on Nov 26, 2014 by Pavel Bernshtam

Hi, I'm trying to solve SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability on Tomcat 7/JDK 8

 

Unfortunately we can't disable TSL1.0, because we have SalesForce integration and SalesForce uses TSL1.0, so I'm looking what is synonym for

SSLHonorCipherOrder On

SSLCipherSuite RC4-SHA:HIGH:!ADH

 

in Tomcat configuration

 

Thank you

Outcomes