From 46d7be6f5d24e025df30b382065addfb30c8032f Mon Sep 17 00:00:00 2001 From: Christina Fu Date: Tue, 18 Nov 2014 18:28:53 -0800 Subject: bugzilla 871171 (client-side code) Provide Tomcat support for TLS v1.1 and TLS v1.2 --- .../src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'base/server') diff --git a/base/server/cmscore/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java b/base/server/cmscore/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java index 4d9e60251..720882a15 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java +++ b/base/server/cmscore/src/com/netscape/cmscore/ldapconn/LdapJssSSLSocketFactory.java @@ -51,12 +51,11 @@ public class LdapJssSSLSocketFactory implements LDAPSSLSocketFactoryExt { SSLSocket s = null; try { - SSLSocket.enableSSL2Default(false); + /* + * let inherit TLS range and cipher settings + */ s = new SSLSocket(host, port); s.setUseClientMode(true); - s.enableSSL2(false); - //TODO Do we really want to set the default each time? - SSLSocket.enableSSL2Default(false); s.enableV2CompatibleHello(false); SSLHandshakeCompletedListener listener = null; -- cgit