Hello!

What is the best value for the SSLProtocol parameter in the Tomcat APR config? The docs say: "Protocol which may be used for communicating with clients. The default is "all", with other acceptable values being "SSLv2", "SSLv3", "TLSv1", and "SSLv2+SSLv3"."

At first I made a mistake and actually had SSL2 enabled, which caused problems for many clients, like "SSL2 not supported, you must switch to TLS". So I changed that to "TLSv1" and it was OK until I got some problems with remote HTTP requests.

Finally I changed the value to "all" (default). Is that correct? Or must SSL2 be disabled?

Thanks in advance!

+1  A: 

The default in the Sun JRE is to use SSLv2 for the initial handshake, and then "upgrade" to either SSLv3 or TLSv1. Unless you have good reason not to, I would stick with the default.

David Grant
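
An added example, not part of the question or the answer above: a small audit that reads a Tomcat `server.xml` and reports which protocols each SSL-enabled connector's `SSLProtocol` value allows, so you can see where SSLv2 is still offered. It assumes "all" (also the default when the attribute is absent) expands to the three protocols named in the quoted documentation; the sample `server.xml` and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Protocol names from the documentation quoted in the question.
# Assumption: "all" expands to every protocol named there.
KNOWN = ("SSLv2", "SSLv3", "TLSv1")

# Constructed sample server.xml (not from the original page).
SAMPLE_SERVER_XML = """\
<Server>
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1"/>
    <Connector port="8443" SSLEnabled="true" SSLProtocol="SSLv2+SSLv3"/>
    <Connector port="9443" SSLEnabled="true" SSLProtocol="TLSv1"/>
    <Connector port="10443" SSLEnabled="true"/>
  </Service>
</Server>
"""

def enabled_protocols(value):
    """Expand an SSLProtocol value into the set of protocols it enables."""
    if value is None or value.strip().lower() == "all":
        return set(KNOWN)  # attribute absent means the default, "all"
    parts = {p.strip() for p in value.split("+")}
    unknown = parts - set(KNOWN)
    if unknown:
        raise ValueError("unrecognised SSLProtocol token(s): %s" % sorted(unknown))
    return parts

def audit(server_xml):
    """Return {port: sorted protocol list} for every SSL-enabled Connector."""
    report = {}
    for conn in ET.fromstring(server_xml).iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP connector, SSLProtocol does not apply
        report[conn.get("port")] = sorted(enabled_protocols(conn.get("SSLProtocol")))
    return report

def connectors_offering(server_xml, protocol="SSLv2"):
    """Ports whose SSLProtocol setting still offers the given protocol."""
    return sorted(p for p, protos in audit(server_xml).items() if protocol in protos)

if __name__ == "__main__":
    for port, protos in audit(SAMPLE_SERVER_XML).items():
        print(port, "+".join(protos))
    print("SSLv2 offered on:", connectors_offering(SAMPLE_SERVER_XML))
```
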