diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-22 17:13:41 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-22 17:13:41 +0000 |
commit | 5b0a67e97e403b9529b0aeb1f28a34fcafd4c564 (patch) | |
tree | 1f2fabcb90f4f7eab19c7b175fb3e7c051930e80 /pki/base/common/src/com/netscape/cmscore/security | |
parent | 9d7cd2e5956a8d5fe7ae3b3c7a6b6c91fd4e3c1e (diff) | |
download | pki-5b0a67e97e403b9529b0aeb1f28a34fcafd4c564.tar.gz pki-5b0a67e97e403b9529b0aeb1f28a34fcafd4c564.tar.xz pki-5b0a67e97e403b9529b0aeb1f28a34fcafd4c564.zip |
Bug 651977 - turn off ssl2 for java servers (server.xml) - patch 2
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1583 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/security')
-rw-r--r-- | pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java b/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java index 08615264e..cf63a770b 100644 --- a/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/security/JssSubsystem.java @@ -131,6 +131,7 @@ public final class JssSubsystem implements ICryptoSubsystem { static { /* set ssl cipher string names. */ + /* disallowing SSL2 ciphers to be turned on mCipherNames.put(Constants.PR_SSL2_RC4_128_WITH_MD5, Integer.valueOf(SSLSocket.SSL2_RC4_128_WITH_MD5)); mCipherNames.put(Constants.PR_SSL2_RC4_128_EXPORT40_WITH_MD5, @@ -143,6 +144,7 @@ public final class JssSubsystem implements ICryptoSubsystem { Integer.valueOf(SSLSocket.SSL2_DES_64_CBC_WITH_MD5)); mCipherNames.put(Constants.PR_SSL2_DES_192_EDE3_CBC_WITH_MD5, Integer.valueOf(SSLSocket.SSL2_DES_192_EDE3_CBC_WITH_MD5)); + */ mCipherNames.put(Constants.PR_SSL3_RSA_WITH_NULL_MD5, Integer.valueOf(SSLSocket.SSL3_RSA_WITH_NULL_MD5)); mCipherNames.put(Constants.PR_SSL3_RSA_EXPORT_WITH_RC4_40_MD5, @@ -389,6 +391,7 @@ public final class JssSubsystem implements ICryptoSubsystem { if (sslcipher != null) { String msg = "setting ssl cipher " + cipher; + CMS.debug("JSSSubsystem: initSSL(): "+msg); log(ILogger.LL_INFO, msg); if (Debug.ON) Debug.trace(msg); |