Hi all, This follows Prabath's bolgpost on "POODLE Attack and Disabling SSL V3 in WSO2 Carbon 4.2.0 Based Products" [1]
I was trying to disable SSL v3 in Carbon 3.0 as per the blogpost, but ran into the following problems. 1. I could not find a catalina-server.xml file in Carbon 3.0. Is there a different configuration file which governs the SSL Protocol version in Carbon 3.0? AFAIK Carbon 3.0 uses Tomcat 5.5 (Pls, correct me if I am wrong!) which supports SSLv1, v2 and v3. 2. In Carbon 3.0 products (ESB) axis2.xml file, I could not find a transportReceiver configuration element for PassThroughHttpSSLListener? was this introduced after Carbon 3.0? Would be very grateful if you could help me out on this. Cheers [1] http://blog.facilelogin.com/2014/10/poodle-attack-and-disabling-ssl-v3-in_18.html -- *Niranda Perera* Software Engineer, WSO2 Inc. Mobile: +94-71-554-8430 Twitter: @n1r44 <https://twitter.com/N1R44>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
