Hi, can you post here: https://groups.google.com/forum/#!forum/caucho-resin
I could offer you help in a couple of hours or tomorrow. In the meantime you can already get these Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7. http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html Kind regards, Steffen Von: resin-interest-boun...@caucho.com [mailto:resin-interest-boun...@caucho.com] Im Auftrag von Abhishek Gesendet: Donnerstag, 11. Januar 2018 12:47 An: resin-interest@caucho.com Betreff: [Resin-interest] Reg. Resin Security Vulnerability Hello! I am using resin-pro-4.0.41 with Java 7 and using below configuration for https configuration in "resin.properties" # JSSE certificate configuration # Keys are typically stored in the resin configuration directory. jsse_keystore_type : jks jsse_keystore_file : keys/server.keystore jsse_keystore_password : adrs123 Following vulnerabilities has been identified in my setup: 1. Diffie-Hellman group smaller than 2048 bits 2. Disable Supports RC4 Cipher Algorithms, 3DES Cipher Suite, The Use of Static Key Ciphers, Using Commonly Used Prime Numbers 3. Disable support of SSLv3, TLS 1.0 & TLS 1.1 4. TLS/SSL Server is enabling the POODLE attack --> Has to be disabled 5. TLS/SSL Server is enabling the BEAST attack --> Has to be disabled 6. TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32) --> Has to be disabled Please share if there is any configuration to handle these vulnerabilities Regards, Abhishek | HP: +91-8130370104 | Email: abhisheksi...@nmsworks.co.in<mailto:abhisheksi...@nmsworks.co.in> NMSWorks Software PVT LTD | #C3, IITM Research Park, Taramani, Chennai, India - 600113 | [https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient> Virus-free. www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient>
_______________________________________________ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest