|
Mantis - Resin
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 2360 | minor | always | 01-23-08 10:58 | 03-05-08 17:33 | |
|
|
|||||
| Reporter: | ferg | Platform: | |||
| Assigned To: | ferg | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | 3.1.4 | ||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | 3.1.6 | ||
|
|
|||||
| Summary: | 0002360: jsse cipher-suites | ||||
| Description: |
(rep by Jay Ballinger) I'm currently using JSSE vs. OpenSSL for my SSL configuration. I now need to restrict the ciphers so use of the weaker ciphers are not allowed; for instance, anything < 128-bit. The JSSE documentation says that the following system property can be used to set the enabled ciphers, assuming that they are supported. Setting this property seems to have no impact on the ciphers being used by Resin, however. <system-property https.cipherSuites="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA"/> Does anyone have a solution to this problem? |
||||
| Steps To Reproduce: | |||||
| Additional Information: | |||||
| Relationships | |||||
| Attached Files: | |||||
| Notes | |||||
|
|
|||||
|
|
||||