[undertow-dev] Help embedding undertow and TLS
Stuart Douglas
sdouglas at redhat.com
Thu Jan 14 02:49:58 EST 2016
You control this via XNIO Options (e.g. org.xnio.Options#SSL_CLIENT_AUTH_MODE).
You can specify them using io.undertow.Undertow.Builder#setSocketOption
In your case you need:
SSL_CLIENT_AUTH_MODE: controls client auth
SSL_ENABLED_PROTOCOLS: control allows SSL/TLS versions
SSL_ENABLED_CIPHER_SUITES: control ciphers
Stuart
----- Original Message -----
> From: "Marc Boorshtein" <marc.boorshtein at tremolosecurity.com>
> To: "undertow-dev at lists jboss. org" <undertow-dev at lists.jboss.org>
> Sent: Friday, 8 January, 2016 4:41:40 PM
> Subject: [undertow-dev] Help embedding undertow and TLS
>
> I'm trying to replace Jetty 7 with with Undertow 1.3.11.Final. In Jetty 7 I
> was able to create an
> org.eclipse.jetty.util.ssl.SslContextFactory that let me:
>
> 1. determine if client auth is needed, allowed or required
> 2. disable sslv3
> 3. enable only certain ciphers
>
> Looking at undertow I see that I can use Undertow.addHttpsListener with an
> SSLContext but I don't see how set client auth, ciphers, etc.
>
> Any help would be greatly appreciated.
>
> Thanks
>
>
> Marc Boorshtein
> CTO Tremolo Security
> marc.boorshtein at tremolosecurity.com
>
>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev
More information about the undertow-dev
mailing list