OS: Linux Test1: JBoss-4.0.2 with jdk 1.4 Test2: JBoss-4.3.0-eap with jdk 1.5
I tested both setup and SSL ciphers for 256-bit was not seen by the security scan. I currently have the following SSL ciphers in the server.xml file: ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA" When the server is scanned, the 128-bit is picked up. However, when I change it to use 256-bit, the scan doesn't see the 256-bit. What do I need to use the 256-bit ciphers? Are there any other ciphers I am missing, beside the anonymous ciphers? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4149601#4149601 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4149601 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
