Author: markt Date: Fri Mar 6 12:21:57 2015 New Revision: 1664599 URL: http://svn.apache.org/r1664599 Log: Exclude cipher suites that use RSA key exchange. The remaining ciphers (with Java 8 at least) all then support forward secrecy.
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1664599&r1=1664598&r2=1664599&view=diff ============================================================================== --- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java (original) +++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Fri Mar 6 12:21:57 2015 @@ -52,7 +52,7 @@ public abstract class AbstractEndpoint<S // -------------------------------------------------------------- Constants - protected static final String DEFAULT_CIPHERS = "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5"; + protected static final String DEFAULT_CIPHERS = "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA"; protected static final StringManager sm = StringManager.getManager( AbstractEndpoint.class.getPackage().getName()); --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org