Tomcat server.xml templates require the sslEnabledProtocols parameter to
When leveraging custom Hiera to secure my Tomcat instance, I noticed that the sslProtocols value (set in the server.xml.erb file) only sets the maximum version of the SSL protocol offered. That is, if you set sslProtocols to TLSv1.2, it offers 1.0, 1.1 and 1.2 (but not 1.3).
To actually restrict the protocols used for a client connection, you need to also use the sslEnabledProtocols parameter (https://tomcat.apache.org/tomcat-7.0-doc/config/http.html)
#3 Updated by Rich Jerrido almost 3 years ago
- % Done changed from 0 to 100
- Status changed from Ready For Testing to Closed
Applied in changeset puppet-candlepin|7320f16d2acfab52d7da26e3b4bdee44501244a9.