hi erick, hi david, you can find ftp server sources including changes to support en/disabling certain ssl protocols here:
http://icg4003-v3.icg.kfa-juelich.de/weatherradargif/apache-ftpserver-1.0.6.patchj.tar.gz here a list of changed classes: - SslConfiguration - SslConfigurationFactory - NioListener - AUTH - ListenerBeanDefinitionParser - ftpserver-1.0.xsd gruss juergen On 21/01/15 17:23, David Latorre wrote:
As Erick says, you need to invoke SSLFilter.setEnabledProtocols() . If you are willing to provide a patch in order to expose the EnabledProtocols method in the Listener configuration, we will be happy to integrate it into the FTPServer code . Kindest regards, 2015-01-21 12:13 GMT+01:00 Erick Lichtas <elich...@linoma.com>:Hello, I'm not sure how much work has been done with this on the project with this lately, but what needs to be added is an option that allows the 'enabled ssl protocols' to be set on the mina SSLFilter in a few spots. Basically, every place in the code that calls sslFilter.setEnabledCipherSuites(..) should also/instead call sslFilter.setEnabledProtocols(..). If such is done, you can granularly control which SSL/TLS protocols are enabled on the server. And this works well for the Oracle and IBM jvms. Regards, Erick -----Original Message----- From: juergen sorg [mailto:j.s...@fz-juelich.de] Sent: Wednesday, January 21, 2015 12:58 AM To: ftpserver-users@mina.apache.org Subject: disable sslv3 hi, is it possible to disable some SSL and TLS versions in apache mina ftp server? i read the documentation, but there is only the option to choose between SSL or TLS. and if i specifiy TLS in the configuration (spring confign file) then the same protocols are enabled as i use SSL (i could connect by using openssl client with SSLv3, TLSv1 TLSv1.1 TLSv1.2 thanks in advance gruss juergen
smime.p7s
Description: S/MIME Cryptographic Signature
