Thank you Grzegorz. that helps. I think for test test I have to setup an http client that accepts only the supported ciphers.
Regards Richard Am Mo., 25. Juli 2022 um 11:05 Uhr schrieb Grzegorz Grzybek < [email protected]>: > Hello Richard, > > wt., 19 lip 2022 o 08:08 Richard Hierlmeier <[email protected]> > napisaĆ(a): > >> I am using org.ops4j.pax.web.ssl.ciphersuites.included in Karaf 4.3.7 and >> I think it was working. >> I tested it 2 month ago manually with the services of SSL labs. >> I plan to implement an integration test that tests the correct SSL setup. >> > > Feel free to create a test based on > https://github.com/ops4j/org.ops4j.pax.web/blob/main/pax-web-itest/pax-web-itest-container/pax-web-itest-container-common/src/main/java/org/ops4j/pax/web/itest/container/httpservice/AbstractWebContainerSecuredIntegrationTest.java > > regards > Grzegorz Grzybek > > >> >> Regards >> Richard >> >> >> Am Mo., 18. Juli 2022 um 15:16 Uhr schrieb Martin Lichtin via user < >> [email protected]>: >> >>> Has anyone used Pax-Web settings >>> >>> org.ops4j.pax.web.ssl.ciphersuites.excluded= >>> org.ops4j.pax.web.ssl.ciphersuites.included= >>> >>> ? I've tried, for example, to exclude all ciphers with >>> >>> org.ops4j.pax.web.ssl.ciphersuites.excluded=.* >>> >>> but it doesn't seem to have an effect. >>> >>> >>> >>> >>>
