cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: git commit: Disallow SSLv3 by default in Jetty
Date Wed, 22 Oct 2014 09:09:28 GMT
Yep good idea, I will fix this.

Colm.

On Wed, Oct 22, 2014 at 9:03 AM, Willem Jiang <willem.jiang@gmail.com>
wrote:

> Hi Colm,
>
> If I ran below code with Oracle JDK, I can see SSLv2Hello, SSLv3 there.
>
> SSLContext context = SSLContext.getInstance(“TSL”);
> SSLEngine engine = context.createSSLEngine();
> print engine.getEnabledProtocols()
>
> I guess we need to exclude the SSLv2Hello at the same time.
>
> Regards,
>
> --
> Willem Jiang
>
> Red Hat, Inc.
> Web: http://www.redhat.com
> Blog: http://willemjiang.blogspot.com (English)
> http://jnn.iteye.com (Chinese)
> Twitter: willemjiang
> Weibo: 姜宁willem
>
>
>
> On October 20, 2014 at 11:45:39 PM, coheigea@apache.org (
> coheigea@apache.org) wrote:
>
> > > + if (!"SSLv3".equals(proto)) {
> > + scf.addExcludeProtocols("SSLv3");
> > + }
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message