Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] Can't enable SSLv3 in 9.2.10.v20150310


On Wed, Apr 8, 2015 at 8:06 PM, Grimm, Michael J (HPCS-R&D)
<grimm@xxxxxx> wrote:
> So, my question is: How do I re-enable SSLv3?

Excluded protocols have precedence over included protocols.
Given discovered vulnerabilities of SSLv3, we have excluded it by default.

To force it back, you can do this:

SslContextFactory ssl = new SslContextFactory();
ssl.setExcludeProtocols("SSL", "SSLv2", "SSLv2Hello");

Now you should have SSLv3 enabled back, because it's not explicitly excluded.

Simone Bordet
Developer advice, training, services and support
from the Jetty & CometD experts.
Intalio, the modern way to build business applications.

Back to the top