Please find the details at http://blog.facilelogin.com/2014/10/poodle-attack-and-disabling-ssl-v3-in_69.html
Thanks & regards, -Prabath On Thu, Oct 30, 2014 at 9:26 PM, Niranda Perera <[email protected]> wrote: > Hi all, > > This follows Prabath's bolgpost on "POODLE Attack and Disabling SSL V3 in > WSO2 Carbon 4.2.0 Based Products" [1] > > I was trying to disable SSL v3 in Carbon 3.0 as per the blogpost, but ran > into the following problems. > > 1. I could not find a catalina-server.xml file in Carbon 3.0. Is there a > different configuration file which governs the SSL Protocol version in > Carbon 3.0? > AFAIK Carbon 3.0 uses Tomcat 5.5 (Pls, correct me if I am wrong!) which > supports SSLv1, v2 and v3. > > 2. In Carbon 3.0 products (ESB) axis2.xml file, I could not find a > transportReceiver configuration element for PassThroughHttpSSLListener? was > this introduced after Carbon 3.0? > > Would be very grateful if you could help me out on this. > > Cheers > > [1] > http://blog.facilelogin.com/2014/10/poodle-attack-and-disabling-ssl-v3-in_18.html > > -- > *Niranda Perera* > Software Engineer, WSO2 Inc. > Mobile: +94-71-554-8430 > Twitter: @n1r44 <https://twitter.com/N1R44> > -- Thanks & Regards, Prabath Twitter : @prabath LinkedIn : http://www.linkedin.com/in/prabathsiriwardena Mobile : +1 650 625 7950 http://blog.facilelogin.com http://blog.api-security.org
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
