|Anonymous | Login | Signup for a new account||10-30-2020 22:04 PDT|
|Main | My View | View Issues | Change Log | Docs|
|Viewing Issue Simple Details [ Jump to Notes ]||[ View Advanced ] [ Issue History ] [ Print ]|
|ID||Category||Severity||Reproducibility||Date Submitted||Last Update|
|0002792||[Resin]||minor||always||07-16-08 11:44||07-28-08 19:22|
|Summary||0002792: jsse ssl protocols|
(rep by Maithili Deshpande)
We are on windows XP and are working on upgrading to jdk 1.6 and resin 3.1.6. We are using jsse-ssl. As part of this upgrade we would like to disable SSLv2 and use SSLv3. From going thru' the documentation on the caucho site, it looks like the default is that all the protocols (sslv2, sslv3, TLsv1) are enabled.
I'm not finding any clear documentation/syntax on how to turn off SSLv2. I found something that says > to enable all except SSLv2, use:
SSLProtocol all -SSLv2
Enables or disables SSL v2 for a SSL port. If sslv2 is false, clients trying to use SSL v2 will fail.
But how do I configure this in my resin.conf file? Our resin.conf file is attached. Any help would be appreciated.
|07-16-08 11:44||ferg||New Issue|
|07-28-08 19:22||ferg||Note Added: 0003286|
|07-28-08 19:22||ferg||Assigned To||=> ferg|
|07-28-08 19:22||ferg||Status||new => closed|
|07-28-08 19:22||ferg||Resolution||open => fixed|
|07-28-08 19:22||ferg||Fixed in Version||=> 3.2.0|
|01-05-09 13:14||jhefer||Issue Monitored: jhefer|
|01-05-09 13:14||jhefer||Issue End Monitor: jhefer|
|03-22-10 19:35||ssexton||Issue Monitored: ssexton|
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
33 total queries executed.|
27 unique queries executed.