Ryan Goulding created KARAF-4457:
------------------------------------
Summary: OOB pax-web version does not allow black-listing protocols
Key: KARAF-4457
URL: https://issues.apache.org/jira/browse/KARAF-4457
Project: Karaf
Issue Type: Improvement
Components: karaf-core
Affects Versions: 3.0.6
Reporter: Ryan Goulding
Pax web prior to version 3.2.7 doesn't include functionality to blacklist
certain SSL/TLS protocols. Pax-web 3.2.7 includes the capability to set
excluded protocols through setting the
"org.ops4j.pax.web.ssl.protocols.excluded" in "org.ops4j.pax.web.cfg". This is
particularly useful to disable weak/vulnerable protocols such as SSLv3 and TLS1.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
