[jbossws-users] How to disable weak ciphersuites for a SSL secured webservice
Wolfgang Moser
wolfgang.moser at src-gmbh.de
Mon Apr 16 04:05:34 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hello,
I got my requirements solved. According to:
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=75091
configuring the Tomcat connector to (via
deploy/jbossweb-tomcat55.sar/server.xml):
<Connector port=.......
sslProtocol="TLS" ciphers="
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA,
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_3DES_EDE_CBC_SHA,
SSL_RSA_WITH_RC4_128_MD5,
SSL_RSA_WITH_RC4_128_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
TLS_RSA_WITH_AES_128_CBC_SHA,
TLS_RSA_WITH_AES_256_CBC_SHA" />
restricts the available server-side SSL/TLS
ciphersuites to the ones given.
- --
Mit freundlichen Grüßen,
Wolfgang Moser
_______________________________________________________________
SRC Security Research & Consulting GmbH
Graurheindorfer Str. 149 a Tel: +49(0)228-2806-149
53117 Bonn Fax: +49(0)228-2806-199
http://www.src-gmbh.de Mob: +49(0)
Handelsregister Bonn: HRB 9414 Geschäftsführer: Gerd Cimiotti
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
iQEVAwUBRiMuTV351eL5alt0AQipGgf+MR0ZU9SNnRSa9GjgmoEDvvl7rj5BZJlK
T+dF81yY06UPYR9tQ4GSpEApi9kTFzDbTx8+Ig4/2HyGSMDV7ajqKpI2Mf115x/2
9m9GzrC5RWHQkcYP7nduqLzHIGPuuqpc6SzM3SjfyanMkyp55+BpUDoKt0AOMDoy
u7qv3FAlW4CxJ3gHyQHvW+GubeU1KvEyK5ywj98JCTwokL4puLQ2mft/HJAO5FUH
NeCWNgsWnBflh9shObCGc/AMrD0m8ykmZ5y66zomGqgTmeKDRejNttEtJqi457Dk
pgT/7fS8UunVzDwEnbcUZW2CIsEHI1YHr2mS/4OZqAJJ4ba0cv6fbA==
=pq/2
-----END PGP SIGNATURE-----
More information about the jbossws-users
mailing list