Khalid Yusuf Diriye created KNOX-1291:
-----------------------------------------
Summary: Gateway Server Configuration - ssl.exclude.ciphers &
ssl.exclude.protocols need to be updated
Key: KNOX-1291
URL: https://issues.apache.org/jira/browse/KNOX-1291
Project: Apache Knox
Issue Type: Improvement
Affects Versions: 0.9.0, 1.0.0
Reporter: Khalid Yusuf Diriye
Small fix
Apache Knox Gateway 1.0.x & 0.9.x User’s Guides need to be
updated.([https://knox.apache.org/books/knox-1-0-0/user-guide.html#Gateway+Server+Configuration|http://example.com])
Under Gateway Server Configuration
|ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See
the [JSSE Provider
docs|http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider]
for possible ciphers. These can also contain regular expressions as shown in
the [Jetty
documentation|http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html].|none|
|ssl.exclude.protocols|Excludes a comma separated list of protocols to not
accept for SSL or “none”|SSLv3|
It's stated that a comma separated list should be used however, I've tested
pipe delimited and that works for both ciphers and protocols!
I can guess the same will go for ssl.include.ciphers.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
