SSLProtocol, TLS and Internet Explorer

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Tomcat - JSP/Servlet container

Struts - A MVC web framework

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

JSP - A mailing list about Java Server Pages specification and reference

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Servlet : Session invalidate
•	Oracle Connection Pooling in 3 2 2
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Running a Simple JMS Example
•	Tomcat and webapplication specific java library path
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	Value attribute of <html:checkbox
•	url string for connecting jboss to oracle
•	javax servlet ServletException: BeanUtils populate
•	5 0 18: Windows XP Pro vs Windows 2000
•	HTTP Status 404 The requested resource is not available

SSLProtocol, TLS and Internet Explorer

SSLProtocol, TLS and Internet Explorer

2007-08-09 - By Henderson,Nathan

Back
We are having a problem with our Standalone tomcat Server SSL Connectors
and viewing servlets in Internet Explorer 7on Windows Vista.

With the original config in the server.xml and SSLProtocol set to "SSL"
It works fine on IE6, and IE7 on XP. It does not work on IE7 on Windows
Vista.

When the protocol is set to TLS, it works in IE7 on Vista, but not IE6.

You can get around this by in IE7 turning off the "Use TLS 1.0" option
on IE, or turning this option on in IE6. We do not feel this workaround
is sufficient for our needs.

We want a way to not have to make these changes. I seriously think it
has to do with the Java we are using because of what I have seen in the
Tomcat docs.

"The encryption/decryption protocol to be used on this socket. It is not
recommended to change this value if you are using Sun's JVM. It is
reported that IBM's 1.4.1 implementation of the TLS protocol is not
compatible with some popular browsers. In this case, use the value SSL."

We are using IBM Java 1.5.0
java version "1.5.0"
Java(TM) 2 Runtime Environment, Standard Edition (build
pxi32dev-20060511 (See http://dev-20060511.ora-code.com) (SR2))
IBM J9 VM (build 2.3, J2RE 1.5.0 IBM J9 2.3 Linux x86-32
j9vmxi3223-20060504 (JIT enabled)
J9VM - 20060501_06428_lHdSMR
JIT - 20060428_1800_r8
GC - 20060501_AA)
JCL - 20060511a
And Tomcat 5.5.20
Here is the Server.xml for the connector

<Connector address="XXX.XX.XXX.XX" port="443"
maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="SSL"
keystoreFile="/usr/local/bin/ice/sslcerts/.keystore"
keystorePass="changeme" algorithm="IbmX509" />

Would we be able to fix this problem, by going Sun Java and redoing
keystores and certificates? Would this allow the TLS Protocol to work
for all browsers?

Thanks in advance for the help!