Hello Sir.
Application server OS: windows server 2008 R2
Application server Java version: jdk1.6.0_21
Application server JBoss version: JBoss Enterprise Application Platform 6
I have installed the SSL certificate in application server, but using openssl to test the server show below alert, how can I fix the issues. Thanks a lot.
You can provide comma separated list of cipher suites by setting "cipher-suite " attribute on ssl element for https connector.
Get the list of supported ciphers by JDK and include in the list.
<ssl key-alias="ssl" cipher-suite="TLS_RSA_WITH_AES_256_CBC_SHA256,........" protocol="TLSv1.2," ........./>
You can disable weak ciphers (RC4, DES, 3DES, EXPORT etc) in $JDK_HOME/jre/lib/security/java.security file in java 8
jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DES, DESede, EXPORT, DH keySize < 2048
I would recommend you to use to JDK 1.8 with latest release from EAP i.e 7.1.x