Hi, As server, I need only authentication without encryption so for deduce the overhead I want to allow clients to connect with null ciphers. Can I have an option to configure it in CXF configuration file?
I've tried to include NULL ciphers in the filter (under TLS server parameters) like this: <sec:include>.*_WITH_NULL_.*</sec:include> but I keep getting: javax.net.ssl.SSLHandshakeException: no cipher suites in common. I've also tried to to set the ciphersuite element with supported ciphers that my client connects with: <sec:cipherSuites> <sec:cipherSuite>SSL_RSA_WITH_NULL_SHA</sec:cipherSuite> <sec:cipherSuite>SSL_RSA_WITH_NULL_MD5</sec:cipherSuite> </sec:cipherSuites> and I still gets "no cipher suites in common". I've seen that NULL ciphers aren't enabled by default in some JSSE providers. Do I have to to configure something more? maybe in jetty? Any help will be appreciated! Thanks, -- View this message in context: http://cxf.547215.n5.nabble.com/CXF-https-server-Allowing-null-ciphers-tp5752465.html Sent from the cxf-user mailing list archive at Nabble.com.
