Hi,
I am using SSLFilter for enabling SSL on my mina server. On Vulnerability
assessment the report indicated "SSL Server Allows Anonymous Authentication
Vulnerability". Can someone suggest on what configuration changes can
prevent this vulnerability.
Below is the code snippet for enabling sslfilter:
SslFilter sslFilter = new SslFilter(new
SSLContextGenerator().getSslContext());
sslFilter.setUseClientMode(false);
sslFilter.setEnabledCipherSuites(strCiphers);
chain.addLast("sslFilter", sslFilter);
I tried sslFilter.setNeedClientAuth(true) but it does not work.
Thanks,
Rajiv
smime.p7s
Description: S/MIME cryptographic signature
