Well, if you use Tomcat with JBoss, you can actually plug in OpenSSL quite easily...
2014-04-09 11:51 GMT+02:00 Lothar Kimmeringer <j...@kimmeringer.de>: > Am 09.04.2014 11:13, schrieb Peter Ondruška: > > On Wednesday, 9 April 2014, maarten ligtvoet > > <maartenligtv...@gmail.com<mailto: > maartenligtv...@gmail.com>> wrote: > > > >> Does the openSSL heartbleed bug effect jetty users? > > Jetty uses Java VM's SSL, not OpenSSL. > > and to continue the answer: Since the SSL-implementation should be > in Pure Java, missing boundary-checks aren't a topic there. > > A final answer depends on the configuration of your JVM, though. > In theory, you can change the SSLSocketFactory by one that > actually uses OpenSSL via JNI, but that's something never being > heard of - at least by me. > > > Regards, Lothar > _______________________________________________ > jetty-users mailing list > jetty-users@eclipse.org > https://dev.eclipse.org/mailman/listinfo/jetty-users > -- BEKK Open http://open.bekk.no TesTcl - a unit test framework for iRules http://testcl.com
_______________________________________________ jetty-users mailing list jetty-users@eclipse.org https://dev.eclipse.org/mailman/listinfo/jetty-users
