Author: krisden Date: Tue Oct 2 20:04:18 2018 New Revision: 1842651 URL: http://svn.apache.org/viewvc?rev=1842651&view=rev Log: KNOX-1291 - ssl.include|exclude.ciphers & ssl.exclude.protocols support comma or pipe separated lists (Khalid Diriye via Kevin Risden)
Modified: knox/site/books/knox-0-10-0/deployment-overview.png knox/site/books/knox-0-10-0/deployment-provider.png knox/site/books/knox-0-10-0/deployment-service.png knox/site/books/knox-0-10-0/general_saml_flow.png knox/site/books/knox-0-10-0/runtime-overview.png knox/site/books/knox-0-10-0/runtime-request-processing.png knox/site/books/knox-0-10-0/user-guide.html knox/site/books/knox-0-11-0/deployment-overview.png knox/site/books/knox-0-11-0/deployment-provider.png knox/site/books/knox-0-11-0/deployment-service.png knox/site/books/knox-0-11-0/general_saml_flow.png knox/site/books/knox-0-11-0/runtime-overview.png knox/site/books/knox-0-11-0/runtime-request-processing.png knox/site/books/knox-0-11-0/user-guide.html knox/site/books/knox-0-12-0/deployment-overview.png knox/site/books/knox-0-12-0/deployment-provider.png knox/site/books/knox-0-12-0/deployment-service.png knox/site/books/knox-0-12-0/general_saml_flow.png knox/site/books/knox-0-12-0/runtime-overview.png knox/site/books/knox-0-12-0/runtime-request-processing.png knox/site/books/knox-0-12-0/user-guide.html knox/site/books/knox-0-13-0/deployment-overview.png knox/site/books/knox-0-13-0/deployment-provider.png knox/site/books/knox-0-13-0/deployment-service.png knox/site/books/knox-0-13-0/general_saml_flow.png knox/site/books/knox-0-13-0/runtime-overview.png knox/site/books/knox-0-13-0/runtime-request-processing.png knox/site/books/knox-0-13-0/user-guide.html knox/site/books/knox-0-14-0/deployment-overview.png knox/site/books/knox-0-14-0/deployment-provider.png knox/site/books/knox-0-14-0/deployment-service.png knox/site/books/knox-0-14-0/general_saml_flow.png knox/site/books/knox-0-14-0/runtime-overview.png knox/site/books/knox-0-14-0/runtime-request-processing.png knox/site/books/knox-0-14-0/user-guide.html knox/site/books/knox-0-4-0/deployment-overview.png knox/site/books/knox-0-4-0/deployment-provider.png knox/site/books/knox-0-4-0/deployment-service.png knox/site/books/knox-0-4-0/runtime-overview.png knox/site/books/knox-0-4-0/runtime-request-processing.png knox/site/books/knox-0-5-0/deployment-overview.png knox/site/books/knox-0-5-0/deployment-provider.png knox/site/books/knox-0-5-0/deployment-service.png knox/site/books/knox-0-5-0/runtime-overview.png knox/site/books/knox-0-5-0/runtime-request-processing.png knox/site/books/knox-0-6-0/deployment-overview.png knox/site/books/knox-0-6-0/deployment-provider.png knox/site/books/knox-0-6-0/deployment-service.png knox/site/books/knox-0-6-0/runtime-overview.png knox/site/books/knox-0-6-0/runtime-request-processing.png knox/site/books/knox-0-7-0/deployment-overview.png knox/site/books/knox-0-7-0/deployment-provider.png knox/site/books/knox-0-7-0/deployment-service.png knox/site/books/knox-0-7-0/general_saml_flow.png knox/site/books/knox-0-7-0/runtime-overview.png knox/site/books/knox-0-7-0/runtime-request-processing.png knox/site/books/knox-0-8-0/deployment-overview.png knox/site/books/knox-0-8-0/deployment-provider.png knox/site/books/knox-0-8-0/deployment-service.png knox/site/books/knox-0-8-0/general_saml_flow.png knox/site/books/knox-0-8-0/runtime-overview.png knox/site/books/knox-0-8-0/runtime-request-processing.png knox/site/books/knox-0-9-0/deployment-overview.png knox/site/books/knox-0-9-0/deployment-provider.png knox/site/books/knox-0-9-0/deployment-service.png knox/site/books/knox-0-9-0/general_saml_flow.png knox/site/books/knox-0-9-0/runtime-overview.png knox/site/books/knox-0-9-0/runtime-request-processing.png knox/site/books/knox-0-9-0/user-guide.html knox/site/books/knox-0-9-1/deployment-overview.png knox/site/books/knox-0-9-1/deployment-provider.png knox/site/books/knox-0-9-1/deployment-service.png knox/site/books/knox-0-9-1/general_saml_flow.png knox/site/books/knox-0-9-1/runtime-overview.png knox/site/books/knox-0-9-1/runtime-request-processing.png knox/site/books/knox-0-9-1/user-guide.html knox/site/books/knox-1-0-0/deployment-overview.png knox/site/books/knox-1-0-0/deployment-provider.png knox/site/books/knox-1-0-0/deployment-service.png knox/site/books/knox-1-0-0/general_saml_flow.png knox/site/books/knox-1-0-0/runtime-overview.png knox/site/books/knox-1-0-0/runtime-request-processing.png knox/site/books/knox-1-0-0/user-guide.html knox/site/books/knox-1-1-0/deployment-overview.png knox/site/books/knox-1-1-0/deployment-provider.png knox/site/books/knox-1-1-0/deployment-service.png knox/site/books/knox-1-1-0/general_saml_flow.png knox/site/books/knox-1-1-0/runtime-overview.png knox/site/books/knox-1-1-0/runtime-request-processing.png knox/site/books/knox-1-1-0/user-guide.html knox/site/index.html knox/site/issue-tracking.html knox/site/license.html knox/site/mail-lists.html knox/site/project-info.html knox/site/team-list.html knox/trunk/books/0.10.0/config.md knox/trunk/books/0.11.0/config.md knox/trunk/books/0.12.0/config.md knox/trunk/books/0.13.0/config.md knox/trunk/books/0.14.0/config.md knox/trunk/books/0.9.0/config.md knox/trunk/books/0.9.1/config.md knox/trunk/books/1.0.0/config.md knox/trunk/books/1.1.0/config.md Modified: knox/site/books/knox-0-10-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-10-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-10-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-10-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-10-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-10-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-10-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-10-0/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-0-10-0/user-guide.html (original) +++ knox/site/books/knox-0-10-0/user-guide.html Tue Oct 2 20:04:18 2018 @@ -555,17 +555,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td>ssl.include.ciphers</td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td>ssl.exclude.ciphers</td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td>ssl.exclude.protocols</td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td>SSLv3</td> </tr> </tbody> Modified: knox/site/books/knox-0-11-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-11-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-11-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-11-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-11-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-11-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-11-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-11-0/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-0-11-0/user-guide.html (original) +++ knox/site/books/knox-0-11-0/user-guide.html Tue Oct 2 20:04:18 2018 @@ -589,17 +589,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td>ssl.include.ciphers</td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td>ssl.exclude.ciphers</td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td>ssl.exclude.protocols</td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td>SSLv3</td> </tr> </tbody> Modified: knox/site/books/knox-0-12-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-12-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-12-0/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-0-12-0/user-guide.html (original) +++ knox/site/books/knox-0-12-0/user-guide.html Tue Oct 2 20:04:18 2018 @@ -619,17 +619,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td>ssl.include.ciphers</td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td>ssl.exclude.ciphers</td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td>ssl.exclude.protocols</td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td>SSLv3</td> </tr> </tbody> Modified: knox/site/books/knox-0-13-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-13-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-13-0/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-0-13-0/user-guide.html (original) +++ knox/site/books/knox-0-13-0/user-guide.html Tue Oct 2 20:04:18 2018 @@ -660,17 +660,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td>ssl.include.ciphers</td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td>ssl.exclude.ciphers</td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td>ssl.exclude.protocols</td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td>SSLv3</td> </tr> </tbody> Modified: knox/site/books/knox-0-14-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-14-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-14-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-14-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-14-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-14-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-14-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-14-0/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-0-14-0/user-guide.html (original) +++ knox/site/books/knox-0-14-0/user-guide.html Tue Oct 2 20:04:18 2018 @@ -699,17 +699,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td>ssl.include.ciphers</td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td>ssl.exclude.ciphers</td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td>ssl.exclude.protocols</td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td>SSLv3</td> </tr> <tr> Modified: knox/site/books/knox-0-4-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-4-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-4-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-4-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-4-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-4-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-5-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-5-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-6-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-6-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-7-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-7-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-8-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-8-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-8-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-8-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-8-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-8-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-8-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-8-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-8-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-8-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-8-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-8-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-0/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-0-9-0/user-guide.html (original) +++ knox/site/books/knox-0-9-0/user-guide.html Tue Oct 2 20:04:18 2018 @@ -553,17 +553,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td>ssl.include.ciphers</td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td>ssl.exclude.ciphers</td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td>ssl.exclude.protocols</td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td>SSLv3</td> </tr> </tbody> Modified: knox/site/books/knox-0-9-1/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-1/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-1/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-1/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-1/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-1/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-1/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-1/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-1/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-1/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-1/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-1/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-0-9-1/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-0-9-1/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-0-9-1/user-guide.html (original) +++ knox/site/books/knox-0-9-1/user-guide.html Tue Oct 2 20:04:18 2018 @@ -553,17 +553,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td>ssl.include.ciphers</td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td>ssl.exclude.ciphers</td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td>ssl.exclude.protocols</td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td>SSLv3</td> </tr> </tbody> Modified: knox/site/books/knox-1-0-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-0-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-0-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-0-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-0-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-0-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-0-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-0-0/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-1-0-0/user-guide.html (original) +++ knox/site/books/knox-1-0-0/user-guide.html Tue Oct 2 20:04:18 2018 @@ -699,17 +699,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td>ssl.include.ciphers</td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td>ssl.exclude.ciphers</td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td>ssl.exclude.protocols</td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td>SSLv3</td> </tr> <tr> Modified: knox/site/books/knox-1-1-0/deployment-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-1-0/deployment-provider.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-provider.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-1-0/deployment-service.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/deployment-service.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-1-0/general_saml_flow.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/general_saml_flow.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-1-0/runtime-overview.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/runtime-overview.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-1-0/runtime-request-processing.png URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/runtime-request-processing.png?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== Binary files - no diff available. Modified: knox/site/books/knox-1-1-0/user-guide.html URL: http://svn.apache.org/viewvc/knox/site/books/knox-1-1-0/user-guide.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/books/knox-1-1-0/user-guide.html (original) +++ knox/site/books/knox-1-1-0/user-guide.html Tue Oct 2 20:04:18 2018 @@ -703,17 +703,17 @@ https://{gateway-host}:{gateway-port}/{g </tr> <tr> <td><code>ssl.include.ciphers</code></td> - <td>A comma separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to accept for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>all</td> </tr> <tr> <td><code>ssl.exclude.ciphers</code></td> - <td>A comma separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> + <td>A comma or pipe separated list of ciphers to reject for SSL. See the <a href="http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider">JSSE Provider docs</a> for possible ciphers. These can also contain regular expressions as shown in the <a href="http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html">Jetty documentation</a>.</td> <td>none</td> </tr> <tr> <td><code>ssl.exclude.protocols</code></td> - <td>Excludes a comma separated list of protocols to not accept for SSL or “none”</td> + <td>Excludes a comma or pipe separated list of protocols to not accept for SSL or “none”</td> <td><code>SSLv3</code></td> </tr> <tr> Modified: knox/site/index.html URL: http://svn.apache.org/viewvc/knox/site/index.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/index.html (original) +++ knox/site/index.html Tue Oct 2 20:04:18 2018 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2018-09-10 + | Generated by Apache Maven Doxia at 2018-10-02 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20180910" /> + <meta name="Date-Revision-yyyymmdd" content="20181002" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Announcing Apache Knox 1.1.0!</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2018-09-10</li> + <li id="publishDate" class="pull-right">Last Published: 2018-10-02</li> </ul> </div> Modified: knox/site/issue-tracking.html URL: http://svn.apache.org/viewvc/knox/site/issue-tracking.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/issue-tracking.html (original) +++ knox/site/issue-tracking.html Tue Oct 2 20:04:18 2018 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2018-09-10 + | Generated by Apache Maven Doxia at 2018-10-02 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20180910" /> + <meta name="Date-Revision-yyyymmdd" content="20181002" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Issue Tracking</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2018-09-10</li> + <li id="publishDate" class="pull-right">Last Published: 2018-10-02</li> </ul> </div> Modified: knox/site/license.html URL: http://svn.apache.org/viewvc/knox/site/license.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/license.html (original) +++ knox/site/license.html Tue Oct 2 20:04:18 2018 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2018-09-10 + | Generated by Apache Maven Doxia at 2018-10-02 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20180910" /> + <meta name="Date-Revision-yyyymmdd" content="20181002" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Project License</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2018-09-10</li> + <li id="publishDate" class="pull-right">Last Published: 2018-10-02</li> </ul> </div> Modified: knox/site/mail-lists.html URL: http://svn.apache.org/viewvc/knox/site/mail-lists.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/mail-lists.html (original) +++ knox/site/mail-lists.html Tue Oct 2 20:04:18 2018 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2018-09-10 + | Generated by Apache Maven Doxia at 2018-10-02 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20180910" /> + <meta name="Date-Revision-yyyymmdd" content="20181002" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Project Mailing Lists</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2018-09-10</li> + <li id="publishDate" class="pull-right">Last Published: 2018-10-02</li> </ul> </div> Modified: knox/site/project-info.html URL: http://svn.apache.org/viewvc/knox/site/project-info.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/project-info.html (original) +++ knox/site/project-info.html Tue Oct 2 20:04:18 2018 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2018-09-10 + | Generated by Apache Maven Doxia at 2018-10-02 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20180910" /> + <meta name="Date-Revision-yyyymmdd" content="20181002" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Project Information</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2018-09-10</li> + <li id="publishDate" class="pull-right">Last Published: 2018-10-02</li> </ul> </div> Modified: knox/site/team-list.html URL: http://svn.apache.org/viewvc/knox/site/team-list.html?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/site/team-list.html (original) +++ knox/site/team-list.html Tue Oct 2 20:04:18 2018 @@ -1,13 +1,13 @@ <!DOCTYPE html> <!-- - | Generated by Apache Maven Doxia at 2018-09-10 + | Generated by Apache Maven Doxia at 2018-10-02 | Rendered using Apache Maven Fluido Skin 1.3.0 --> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> - <meta name="Date-Revision-yyyymmdd" content="20180910" /> + <meta name="Date-Revision-yyyymmdd" content="20181002" /> <meta http-equiv="Content-Language" content="en" /> <title>Knox Gateway – Team list</title> <link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" /> @@ -58,7 +58,7 @@ - <li id="publishDate" class="pull-right">Last Published: 2018-09-10</li> + <li id="publishDate" class="pull-right">Last Published: 2018-10-02</li> </ul> </div> Modified: knox/trunk/books/0.10.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.10.0/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/0.10.0/config.md (original) +++ knox/trunk/books/0.10.0/config.md Tue Oct 2 20:04:18 2018 @@ -135,9 +135,9 @@ gateway.httpserver.requestHeaderBuffer|T gateway.httpserver.responseBuffer|The size of the HTTP server response buffer. The default is 32K.|32768 gateway.httpserver.responseHeaderBuffer|The size of the HTTP server response header buffer. The default is 8K.|8192 ssl.enabled|Indicates whether SSL is enabled for the Gateway|true -ssl.include.ciphers|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| -ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| -ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 +ssl.include.ciphers|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| +ssl.exclude.ciphers|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| +ssl.exclude.protocols|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|SSLv3 #### Topology Descriptors #### @@ -533,4 +533,4 @@ Once you have created these keystores yo NOTE: the SSL certificate will need special consideration depending on the type of certificate. Wildcard certs may be able to be shared across all gateway instances in a cluster. When certs are dedicated to specific machines the gateway identity store will not be able to be blindly replicated as host name verification problems will ensue. -Obviously, trust-stores will need to be taken into account as well. \ No newline at end of file +Obviously, trust-stores will need to be taken into account as well. Modified: knox/trunk/books/0.11.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.11.0/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/0.11.0/config.md (original) +++ knox/trunk/books/0.11.0/config.md Tue Oct 2 20:04:18 2018 @@ -139,9 +139,9 @@ gateway.signing.keystore.name|OPTIONAL F gateway.signing.key.alias|OPTIONAL alias for the signing keypair within the keystore specified via gateway.signing.keystore.name.|null gateway.gzip.compress.mime.types|Content types to be gzip compressed by Knox on the way out to browser.|text/html, text/plain, text/xml, text/css, application/javascript, text/javascript, application/x-javascript ssl.enabled|Indicates whether SSL is enabled for the Gateway|true -ssl.include.ciphers|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| -ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| -ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 +ssl.include.ciphers|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| +ssl.exclude.ciphers|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| +ssl.exclude.protocols|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|SSLv3 #### Topology Descriptors #### @@ -537,4 +537,4 @@ Once you have created these keystores yo NOTE: the SSL certificate will need special consideration depending on the type of certificate. Wildcard certs may be able to be shared across all gateway instances in a cluster. When certs are dedicated to specific machines the gateway identity store will not be able to be blindly replicated as host name verification problems will ensue. -Obviously, trust-stores will need to be taken into account as well. \ No newline at end of file +Obviously, trust-stores will need to be taken into account as well. Modified: knox/trunk/books/0.12.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.12.0/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/0.12.0/config.md (original) +++ knox/trunk/books/0.12.0/config.md Tue Oct 2 20:04:18 2018 @@ -139,9 +139,9 @@ gateway.gzip.compress.mime.types|Content gateway.signing.keystore.name|OPTIONAL Filename of keystore file that contains the signing keypair. NOTE: An alias needs to be created using "knoxcli.sh create-alias" for the alias name signing.key.passphrase in order to provide the passphrase to access the keystore.|null gateway.signing.key.alias|OPTIONAL alias for the signing keypair within the keystore specified via gateway.signing.keystore.name.|null ssl.enabled|Indicates whether SSL is enabled for the Gateway|true -ssl.include.ciphers|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| -ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| -ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 +ssl.include.ciphers|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| +ssl.exclude.ciphers|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| +ssl.exclude.protocols|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|SSLv3 #### Topology Descriptors #### @@ -537,4 +537,4 @@ Once you have created these keystores yo NOTE: the SSL certificate will need special consideration depending on the type of certificate. Wildcard certs may be able to be shared across all gateway instances in a cluster. When certs are dedicated to specific machines the gateway identity store will not be able to be blindly replicated as host name verification problems will ensue. -Obviously, trust-stores will need to be taken into account as well. \ No newline at end of file +Obviously, trust-stores will need to be taken into account as well. Modified: knox/trunk/books/0.13.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.13.0/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/0.13.0/config.md (original) +++ knox/trunk/books/0.13.0/config.md Tue Oct 2 20:04:18 2018 @@ -139,9 +139,9 @@ gateway.gzip.compress.mime.types|Content gateway.signing.keystore.name|OPTIONAL Filename of keystore file that contains the signing keypair. NOTE: An alias needs to be created using "knoxcli.sh create-alias" for the alias name signing.key.passphrase in order to provide the passphrase to access the keystore.|null gateway.signing.key.alias|OPTIONAL alias for the signing keypair within the keystore specified via gateway.signing.keystore.name.|null ssl.enabled|Indicates whether SSL is enabled for the Gateway|true -ssl.include.ciphers|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| -ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| -ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 +ssl.include.ciphers|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| +ssl.exclude.ciphers|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| +ssl.exclude.protocols|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|SSLv3 #### Topology Descriptors #### Modified: knox/trunk/books/0.14.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.14.0/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/0.14.0/config.md (original) +++ knox/trunk/books/0.14.0/config.md Tue Oct 2 20:04:18 2018 @@ -139,9 +139,9 @@ gateway.gzip.compress.mime.types|Content gateway.signing.keystore.name|OPTIONAL Filename of keystore file that contains the signing keypair. NOTE: An alias needs to be created using "knoxcli.sh create-alias" for the alias name signing.key.passphrase in order to provide the passphrase to access the keystore.|null gateway.signing.key.alias|OPTIONAL alias for the signing keypair within the keystore specified via gateway.signing.keystore.name.|null ssl.enabled|Indicates whether SSL is enabled for the Gateway|true -ssl.include.ciphers|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| -ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| -ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 +ssl.include.ciphers|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| +ssl.exclude.ciphers|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| +ssl.exclude.protocols|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|SSLv3 gateway.remote.config.monitor.client|A reference to the [remote configuration registry client](#Remote+Configuration+Registry+Clients) the remote configuration monitor will employ.|null gateway.remote.config.registry.<b><name></b>|A named [remote configuration registry client](#Remote+Configuration+Registry+Clients) definition|null gateway.cluster.config.monitor.ambari.enabled | Indicates whether the cluster monitoring and associated dynamic topology updating is enabled. | false Modified: knox/trunk/books/0.9.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.9.0/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/0.9.0/config.md (original) +++ knox/trunk/books/0.9.0/config.md Tue Oct 2 20:04:18 2018 @@ -135,9 +135,9 @@ gateway.httpserver.requestHeaderBuffer|T gateway.httpserver.responseBuffer|The size of the HTTP server response buffer. The default is 32K.|32768 gateway.httpserver.responseHeaderBuffer|The size of the HTTP server response header buffer. The default is 8K.|8192 ssl.enabled|Indicates whether SSL is enabled for the Gateway|true -ssl.include.ciphers|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| -ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| -ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 +ssl.include.ciphers|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| +ssl.exclude.ciphers|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| +ssl.exclude.protocols|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|SSLv3 #### Topology Descriptors #### @@ -533,4 +533,4 @@ Once you have created these keystores yo NOTE: the SSL certificate will need special consideration depending on the type of certificate. Wildcard certs may be able to be shared across all gateway instances in a cluster. When certs are dedicated to specific machines the gateway identity store will not be able to be blindly replicated as host name verification problems will ensue. -Obviously, trust-stores will need to be taken into account as well. \ No newline at end of file +Obviously, trust-stores will need to be taken into account as well. Modified: knox/trunk/books/0.9.1/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/0.9.1/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/0.9.1/config.md (original) +++ knox/trunk/books/0.9.1/config.md Tue Oct 2 20:04:18 2018 @@ -135,9 +135,9 @@ gateway.httpserver.requestHeaderBuffer|T gateway.httpserver.responseBuffer|The size of the HTTP server response buffer. The default is 32K.|32768 gateway.httpserver.responseHeaderBuffer|The size of the HTTP server response header buffer. The default is 8K.|8192 ssl.enabled|Indicates whether SSL is enabled for the Gateway|true -ssl.include.ciphers|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| -ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| -ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 +ssl.include.ciphers|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| +ssl.exclude.ciphers|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| +ssl.exclude.protocols|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|SSLv3 #### Topology Descriptors #### @@ -533,4 +533,4 @@ Once you have created these keystores yo NOTE: the SSL certificate will need special consideration depending on the type of certificate. Wildcard certs may be able to be shared across all gateway instances in a cluster. When certs are dedicated to specific machines the gateway identity store will not be able to be blindly replicated as host name verification problems will ensue. -Obviously, trust-stores will need to be taken into account as well. \ No newline at end of file +Obviously, trust-stores will need to be taken into account as well. Modified: knox/trunk/books/1.0.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.0.0/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/1.0.0/config.md (original) +++ knox/trunk/books/1.0.0/config.md Tue Oct 2 20:04:18 2018 @@ -139,9 +139,9 @@ gateway.gzip.compress.mime.types|Content gateway.signing.keystore.name|OPTIONAL Filename of keystore file that contains the signing keypair. NOTE: An alias needs to be created using "knoxcli.sh create-alias" for the alias name signing.key.passphrase in order to provide the passphrase to access the keystore.|null gateway.signing.key.alias|OPTIONAL alias for the signing keypair within the keystore specified via gateway.signing.keystore.name.|null ssl.enabled|Indicates whether SSL is enabled for the Gateway|true -ssl.include.ciphers|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| -ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| -ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or "none"|SSLv3 +ssl.include.ciphers|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all| +ssl.exclude.ciphers|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none| +ssl.exclude.protocols|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|SSLv3 gateway.remote.config.monitor.client|A reference to the [remote configuration registry client](#Remote+Configuration+Registry+Clients) the remote configuration monitor will employ.|null gateway.remote.config.registry.<b><name></b>|A named [remote configuration registry client](#Remote+Configuration+Registry+Clients) definition|null gateway.cluster.config.monitor.ambari.enabled | Indicates whether the cluster monitoring and associated dynamic topology updating is enabled. | false Modified: knox/trunk/books/1.1.0/config.md URL: http://svn.apache.org/viewvc/knox/trunk/books/1.1.0/config.md?rev=1842651&r1=1842650&r2=1842651&view=diff ============================================================================== --- knox/trunk/books/1.1.0/config.md (original) +++ knox/trunk/books/1.1.0/config.md Tue Oct 2 20:04:18 2018 @@ -139,9 +139,9 @@ Property | Description | Default `gateway.signing.keystore.name`|OPTIONAL Filename of keystore file that contains the signing keypair. NOTE: An alias needs to be created using `knoxcli.sh create-alias` for the alias name `signing.key.passphrase` in order to provide the passphrase to access the keystore.|null `gateway.signing.key.alias`|OPTIONAL alias for the signing keypair within the keystore specified via `gateway.signing.keystore.name`|null `ssl.enabled`|Indicates whether SSL is enabled for the Gateway|`true` -`ssl.include.ciphers`|A comma separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all -`ssl.exclude.ciphers`|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none -`ssl.exclude.protocols`|Excludes a comma separated list of protocols to not accept for SSL or "none"|`SSLv3` +`ssl.include.ciphers`|A comma or pipe separated list of ciphers to accept for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|all +`ssl.exclude.ciphers`|A comma or pipe separated list of ciphers to reject for SSL. See the [JSSE Provider docs](http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider) for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation](http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html).|none +`ssl.exclude.protocols`|Excludes a comma or pipe separated list of protocols to not accept for SSL or "none"|`SSLv3` `gateway.remote.config.monitor.client`|A reference to the [remote configuration registry client](#Remote+Configuration+Registry+Clients) the remote configuration monitor will employ|null `gateway.remote.config.monitor.client.allowUnauthenticatedReadAccess` | When a remote registry client is configured to access a registry securely, this property can be set to allow unauthenticated clients to continue to read the content from that registry by setting the ACLs accordingly. | `false` `gateway.remote.config.registry.<name>`|A named [remote configuration registry client](#Remote+Configuration+Registry+Clients) definition, where _name_ is an arbitrary identifier for the connection|null