This content has been marked as final.
Show 2 replies
-
1. Re: Wildfly 9.0.1 still have cve-2009-3555 Renegotiation vulnerability problem??
mayerw01 Aug 24, 2015 12:02 PM (in response to yinghanliu)Did you look into this thread How to Disable TLS Renegotiation on JBoss 7.1
-
2. Re: Wildfly 9.0.1 still have cve-2009-3555 Renegotiation vulnerability problem??
yinghanliu Aug 24, 2015 8:18 PM (in response to mayerw01)yes, i have read this thread How to Disable TLS Renegotiation on JBoss 7.1
i try to set the same coonfig for standalone.conf. Set JAVA_OPTS allowUnsafeRenegotiation to false.
but it still not work (stell have vulnerability )
JAVA_OPTS="$JAVA_OPTS -Dsun.security.ssl.allowUnsafeRenegotiation=false
-Dsun.security.ssl.allowLegacyHelloMessages=false
-Dsun.security.ssl.allowUnsafeLegacyRenegotiation=false
-Dorg.apache.coyote.http11.Http11Protocol.MAX_KEEP_ALIVE_REQUEST=1"