activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Shannon <christopher.l.shan...@gmail.com>
Subject Re: Disabling SSLv3 in embedded web-console jetty
Date Thu, 09 Jul 2015 12:51:43 GMT
If you are using JDK 8u31 or greater, SSLv3 is disabled by default.  The
typical way to disable a cipher is to use the addExcludeProtocols method on
the ssl context factory, such as:
sslContextFactory.addExcludeProtocols("SSLv3");

I'm not sure if there is an easy way to do this with a websocket transport
right now but with the web console, you should be able to modify the
example xml to this:

<bean id="SecureConnector"
class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
       <property name="port" value="8161" />
       <property name="keystore" value="some-path/ssl/server-keystore" />
       <property name="password" value="some-passsword" />
       <property name="excludeCipherSuites" value="SSLv3" />
</bean>
You just need to add that excludeCipherSuites property.

On Thu, Jul 9, 2015 at 12:32 AM, shlomos <shlomi.avihou@nice.com> wrote:

> Have you found a solution for this case ?
>
> Thanks !!
>
>
>
> --
> View this message in context:
> http://activemq.2283324.n4.nabble.com/Disabling-SSLv3-in-embedded-web-console-jetty-tp4687156p4698861.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message