Hi Otmar,
to get more information about what ciphers your server offers, you could use:
https://www.ssllabs.com/ssltest/ or
https://testssl.sh/
Then compare the resulting list with what your browser offers.
But since your tomcat config shows, the server should use TLS v1.2 I expect you to find "something" between your browser and your tomcat. ;-)
Kind regards
Thomas
--
Thomas Bahn
Diplom-Mathematiker
Geschäftsführer
Tel.: 04307 900-401
Fax: 04307 900-409
Mobil: 0173 935 79 16
E-Mail: tbahn@assono.de
https://www.assono.de
https://www.assono.de/blog
assono GmbH
Lise-Meitner-Straße 1-7
24223 Schwentinental
Geschäftsführer: Lydia Bahn, Thomas Bahn
Amtsgericht Kiel, HRB 8202 KI
Hauptsitz des Unternehmens: Schwentinental
"Otmar H. via Users" ---04.12.2021 20:13:55---Hello Martijn, I use ciphermail as described in the installation instructions for Suse. So, yes, Tom
Von: "Otmar H. via Users" <users@lists.ciphermail.com>
An: users@lists.ciphermail.com
Kopie: "Otmar H." <oh@gia-tec.com>
Datum: 04.12.2021 20:13
Betreff: [CipherMail User] Re: SSL_ERROR_NO_CYPHER_OVERLAP (Firefox)
Hello Martijn,
I use ciphermail as described in the installation instructions for Suse. So, yes, Tomcat is used directly. The configuration file is the original file.
server.xml:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE config [
<!ENTITY proxyName "">
]>
<!--
Tomcat configuration file for CipherMail.
-->
<Server>
<Service name="Catalina">
<!--
Configure HTTPS connector.
-->
<Connector
port="8443"
connectionTimeout="20000"
maxThreads="150"
scheme="https"
secure="true"
SSLEnabled="true"
sslProtocol="TLS"
sslEnabledProtocols="TLSv1.2"
keystoreFile="/usr/share/djigzo-web/ssl/sslCertificate.p12"
keystorePass="djigzo"
keystoreType="PKCS12"
proxyName="&proxyName;"
/>
<Engine name="Catalina" defaultHost="localhost">
<Host name="localhost" appBase="webapps" unpackWARs="true"/>
</Engine>
</Service>
</Server>
Thanks for the support
Otmar