1 2 Previous Next 16 Replies Latest reply on Jul 23, 2015 8:21 AM by leo chen

    What is cipher-suite used for in standalone.xml

    leo chen Newbie

      I am using JBoss version 6.4. In standalone.xml, the ssl is configured with cipher-suite as below (by default, cipher-suite is not configured.)

       

      <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
          <ssl password="password" certificate-key-file="${jboss.server.config.dir}/test.keystore" cipher-suite=
      "SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"
          />
      </connector>
      
      

       

      My question is

      1. What cipher-suite is used for?

      2. What kinds of code can be put here? Because we have clients having problems connecting to our server due to the browser declaring our server using a weak SSL cipher. Probably we need to update the list of SSL ciphers to the latest “safe” list. Any idea what that might be?


      Thanks for helping.

        1 2 Previous Next