[jboss-user] [JBoss Remoting] - Disable Weak Ciphers for PCI-DSS
Ron Sigal
do-not-reply at jboss.com
Tue Apr 27 22:04:13 EDT 2010
Ron Sigal [http://community.jboss.org/people/ron.sigal%40jboss.com] replied to the discussion
"Disable Weak Ciphers for PCI-DSS"
To view the discussion, visit: http://community.jboss.org/message/539915#539915
--------------------------------------------------------------
Hi Sunil
> 1. Update the Remoting.jar to to 2.4.x version but I did not find any document to do this( I was also worried about it's impact on my swing clients and webservice).
Updating is just a matter of replacing jboss-remoting.jar. In the context of the Application Server (4.2.x), you want to replace it in $JBOSS_HOME/server/$CONFIG/lib and $JBOSS_HOME/client. Note, also, that client/jbossall-client.jar contains the Remoting files, so you would want to put jboss-remoting.jar in front of jbossall-client.jar on the classpath.
In principle, it should be possible to just drop in a new jboss-remoting.jar. I've heard of people using Remoting 2.4/2.5 with AS 4.2.x, and I'm not aware of any problems. No warranty, of course.
There's another alternative, though. You can configure Remoting to use a custom ServerSocketFactory, so you could write a ServerSocketFactory which sets the enabledCipherSuites property before returning the ServerSocket. See Section 5.7.3. "Server side configuration in the JBoss Application Server" in the Remoting Guide: http://docs.jboss.org/jbossremoting/2.2.3.SP2/html/ http://docs.jboss.org/jbossremoting/2.2.3.SP2/html/
-Ron
--------------------------------------------------------------
Reply to this message by going to Community
[http://community.jboss.org/message/539915#539915]
Start a new discussion in JBoss Remoting at Community
[http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2050]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20100427/33746686/attachment.html
More information about the jboss-user
mailing list