[jboss-dev] SSL Renegotiation Vulnerability in JBoss 4.2.3
Hi,
I have added 2 java options to disable renegotiation and legacy hello message with jre
1.6.0.22 above. However I am still able to test renegotiation in openssl. I heard the jre
I am using should disable it by default.
What is the right way to do?
Tan
Sent by DiGi from my BlackBerry® Smartphone