0 Replies Latest reply on Aug 12, 2014 4:06 PM by Jeff Lavezzo

    Allowed values for security-realm/server-identities/ssl.protocol

    Jeff Lavezzo Newbie

      I'm setting up Wildfly 8.1 with https as an upgrade to my JBoss AS 7.1.1 server.

       

      Previously I had my connector/ssl tag configured with the attribute

      protocol="ALL"

       

      In trying to replicate that with Wildfly 8 and undertow, I can't locate valid values for security-realm/server-identities/ssl.protocol

      "ALL" and "ANY" are not valid:

      <security-realm name="HTTPSRealm"> 

        <server-identities

        <ssl protocol="ALL"

        <keystore path="../keystore/aServer.jks" relative-to="jboss.home.dir" keystore-password="password" alias="aServer" key-password="password"/> 

        </ssl> 

        </server-identities> 

      </security-realm> 

       

      We have two particular client systems. One is limited to SSLv3, the other to TLSv2.  We can't, therefore, just use the default, "TLS".  Can anyone point me to a list of valid values for that field?  Is there any description of what the default value "TLS" translates to in practice (ex: TLSv2 and under as negotiated, etc.)?

       

      As an aside, the documentation at http://wildscribe.github.io/Wildfly/8.1.0.Final/core-service/management/security-realm/server-identity/ssl/index.html  while overall excellent has errors related to the security-realm/server-identities/ssl tag and it's attributes and children. Specifically, <ssl> is defined as having "keystore-path" as an attribute along with other attributes that are actually attributes of <ssl>'s child <keystore>.