2 Replies Latest reply on Jan 30, 2015 5:06 AM by Philippe Marschall

    disable SSLV3 in Jboss AS

    sugun a Newbie

      Hi,

       

      I was trying to disable the SSLV3 in the JBoss AS 7.1.1 standalone by using the below configuration.

       

      But after applying this configuration still the jboss is supporing SSLV3 and SSLV2 as well along with TLS

       

      Could you please suggest some solution for the same?

       

      <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" executor="http-executor" max-connections="200">

                      <ssl name="test-ssl" certificate-key-file="/opt/jboss-as-test/standalone/certs/test.pem" cipher-suite="AES128-SHA,DHE-RSA-AES128-SHA,DHE-RSA-AES256-SHA

      ,AES256-SHA256,DES-CBC3-SHA,DHE-RSA-CAMELLIA256-SHA,CAMELLIA128-SHA,CAMELLIA256-SHA,DHE-RSA-DES-CBC3-SHA,DHE-RSA-CAMELLIA128-SHA" protocol="TLSv1,TLSv1.1,TLSv1.2" certificate-file="/opt/jboss-as-test/standalone/certs/test-cert.pem"/>

       

       

      Thanks

      Sugunakar