Getting A on SSLLabs with Tomcat
If you manage any web-servers that host HTTPS content (which should be all of them), add SSLabs blog in your RSS reader to keep up to date with the latest security best-practices, and check your websites against their test suite on a regular basis. During our last test I found out that one Tomcat server might soon get a C. Here I describe the steps to ensure the best possible setup that can still give you an A.
Continue Reading