Re: [jetty-users] How to set order of cipher suites for Jetty SSL?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [jetty-users] How to set order of cipher suites for Jetty SSL?

From: Marvin Addison <marvin.addison@xxxxxxxxx>
Date: Thu, 13 Mar 2014 07:15:58 -0400
Delivered-to: jetty-users@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-users>
List-help: <mailto:jetty-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-users>, <mailto:jetty-users-request@eclipse.org?subject=unsubscribe>

> I saw a post about how to set order of cipher suites for Jetty on Stack
> Overflow
> (http://stackoverflow.com/questions/18981277/how-to-set-order-of-cipher-suites-for-jetty-ssl).
> But, no one answer the question yet.   Does anyone know the answer?

For jetty 8:

<Array id="cipherSuites" type="java.lang.String">
<Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</Item>
<Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</Item>
<Item>SSL_RSA_WITH_RC4_128_SHA</Item>
<Item>SSL_RSA_WITH_RC4_128_MD5</Item>
<Item>SSL_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA</Item>
<Item>SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA</Item>
</Array>
<Call name="addConnector">

<!-- HTTPS connector -->
<Arg>
<New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<Arg>
<New id="sslContextFactory"
class="org.eclipse.jetty.http.ssl.SslContextFactory">
<Set name="KeyStore">
<Property name="jetty.keystore.path"/>
</Set>
<Set name="KeyStoreType">
<Property name="jetty.keystore.type"/>
</Set>
<Set name="KeyStorePassword">
<Property name="jetty.keystore.pass"/>
</Set>
<Set name="TrustStore">
<Property name="jetty.truststore.path"/>
</Set>
<Set name="TrustStoreType">
<Property name="jetty.truststore.type"/>
</Set>
<Set name="TrustStorePassword">
<Property name="jetty.truststore.pass"/>
</Set>
<Set name="IncludeCipherSuites">
<Ref id="cipherSuites"/>
</Set>
</New>
</Arg>
<Set name="Host">
<Property name="jetty.host"/>
</Set>
<Set name="Port">
<Property name="jetty.port.ssl"/>
</Set>
<Set name="MaxIdleTime">30000</Set>
<Set name="Acceptors">2</Set>
<Set name="AcceptQueueSize">100</Set>
</New>
</Arg>
</Call>

We use a reference because we have more than one https connector, but
if you only have one you could just list them under
IncludeCipherSuites.

Marvin

Follow-Ups:
- Re: [jetty-users] How to set order of cipher suites for Jetty SSL?
  - From: Lothar Kimmeringer

References:
- [jetty-users] How to set order of cipher suites for Jetty SSL?
  - From: Justina Cheng

Prev by Date: Re: [jetty-users] How to set order of cipher suites for Jetty SSL?
Next by Date: Re: [jetty-users] How to set order of cipher suites for Jetty SSL?
Previous by thread: Re: [jetty-users] How to set order of cipher suites for Jetty SSL?
Next by thread: Re: [jetty-users] How to set order of cipher suites for Jetty SSL?
Index(es):
- Date
- Thread

Breadcrumbs