On 17 January 2017 at 13:39, Mark Thomas <ma...@apache.org> wrote: > On 17/01/2017 11:23, Michael Orr wrote: >> Hi, >> >> There is a user property "org.apache.tomcat.websocket.SSL_PROTOCOLS" >> that you can use to provide the list of permitted SSL protocols when >> connecting to a websocket with WsWebSocketContainer. I was expecting >> that there would be a similar property to allow you to set the list of >> permitted SSL cipher suites as well. >> >> I've checked the code (for version 7.0.73, and also 9.0.0.M15) and >> there doesn't seem to be any mention of such an option. I can see it >> calling SSLEngine.setEnabledProtocols() but not >> SSLEngine.setEnabledCipherSuites(). >> >> Is there a particular reason why there is no >> "org.apache.tomcat.websocket.SSL_CIPHER_SUITES" property, or is it >> simply an oversight? > > No reason I can think of. Patches welcome :) > > Mark > >> >> Thanks, and keep up the great work! >> >> Michael >>
I'll see what I can do! Thanks for your fast response. Michael --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org