Re: [jbossws-users] How to disable weak ciphersuites for a SSL secured webservice

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello, I got my requirements solved. According to: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=75091 configuring the Tomcat connector to (via deploy/jbossweb-tomcat55.sar/server.xml): <Connector port=....... sslProtocol="TLS" ciphers=" SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA" /> restricts the available server-side SSL/TLS ciphersuites to the ones given. - -- Mit freundlichen Grüßen, Wolfgang Moser _______________________________________________________________ SRC Security Research & Consulting GmbH Graurheindorfer Str. 149 a Tel: +49(0)228-2806-149 53117 Bonn Fax: +49(0)228-2806-199 http://www.src-gmbh.de Mob: +49(0) Handelsregister Bonn: HRB 9414 Geschäftsführer: Gerd Cimiotti