This content has been marked as final.
Show 2 replies
-
1. Re: I need help configuring jboss to disable the weak ciphers
qbeach Sep 29, 2010 8:43 AM (in response to qbeach)I have some more information on my question. I found this link:http://achorniy.wordpress.com/2009/07/15/jboss-ssl-configuration/ that describes the process of editing the server.xml file. I need to know how to translate the ciphers from the list of problem ciphers to the format used to identify them in the server.xml. Is there a list or some reference to figure out how to list just the ciphers that are not marked with **?
-
2. Re: I need help configuring jboss to disable the weak ciphers
rabbaa.gabriel Oct 19, 2011 5:39 AM (in response to qbeach)for example use:
ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA"/>
Try to not use ciphers which content:
EXP, DES,
DHE, anon
all other ciphers that don't content this algorithm will be ok and secure.