2 Replies Latest reply on Jan 30, 2015 5:06 AM by Philippe Marschall

    disable SSLV3 in Jboss AS

    sugun a Newbie



      I was trying to disable the SSLV3 in the JBoss AS 7.1.1 standalone by using the below configuration.


      But after applying this configuration still the jboss is supporing SSLV3 and SSLV2 as well along with TLS


      Could you please suggest some solution for the same?


      <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" executor="http-executor" max-connections="200">

                      <ssl name="test-ssl" certificate-key-file="/opt/jboss-as-test/standalone/certs/test.pem" cipher-suite="AES128-SHA,DHE-RSA-AES128-SHA,DHE-RSA-AES256-SHA

      ,AES256-SHA256,DES-CBC3-SHA,DHE-RSA-CAMELLIA256-SHA,CAMELLIA128-SHA,CAMELLIA256-SHA,DHE-RSA-DES-CBC3-SHA,DHE-RSA-CAMELLIA128-SHA" protocol="TLSv1,TLSv1.1,TLSv1.2" certificate-file="/opt/jboss-as-test/standalone/certs/test-cert.pem"/>