[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
|
Re: [jetty-users] How to set order of cipher suites for Jetty SSL?
|
Am 13.03.2014 12:15, schrieb Marvin Addison:
>> I saw a post about how to set order of cipher suites for Jetty on Stack
>> Overflow
>> (http://stackoverflow.com/questions/18981277/how-to-set-order-of-cipher-suites-for-jetty-ssl).
>> But, no one answer the question yet. Does anyone know the answer?
>
> For jetty 8:
>
> <Array id="cipherSuites" type="java.lang.String">
> <Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</Item>
[...]
> <Item>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</Item>
> </Array>
> <Call name="addConnector">
>
> <!-- HTTPS connector -->
> <Arg>
> <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
> <Arg>
> <New id="sslContextFactory"
> class="org.eclipse.jetty.http.ssl.SslContextFactory">
[...]
> <Set name="IncludeCipherSuites">
> <Ref id="cipherSuites"/>
> </Set>
[...]
> </Call>
You do that in Jetty 9 in the same way (oej.http.ssl.SslContextFactory
has been changed to oej.util.ssl.SslContextFactory) and according to the
description at Stackoverflow it's also the way Justina was setting the
ciphers being used) but the question was how to resort the given ciphers
when a connection is set up since Jetty seems to change the order
afterwards (haven't checked if that's actually the case).
Best regards, Lothar
