On Fri, Nov 29, 2013, at 3:58, Zbigniew Sokołowski wrote: > <Item>EDH-RSA-DES-CBC3-SHA</Item> > <Item>DES-CBC3-SHA</Item> > <Item>DHE-RSA-AES128-SHA</Item> >
Java uses different names for the cipher suites than OpenSSL. You can get a full list of standard names from http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#ciphersuites. On one of our internal servers, we're using: <Set name="excludeCipherSuites"> <Array type="String"> <Item>.*(3DES|DES40|RC4).*</Item> <Item>(SSL|TLS)_(RSA|ECDH)_.*</Item> </Array> </Set> but that may be a bit aggressive for a public site. -- Carey Evans [email protected] _______________________________________________ jetty-users mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/jetty-users
