If you are using JDK 8u31 or greater, SSLv3 is disabled by default. The
typical way to disable a cipher is to use the addExcludeProtocols method on
the ssl context factory, such as:
sslContextFactory.addExcludeProtocols("SSLv3");
I'm not sure if there is an easy way to do this with a websocket transport
right now but with the web console, you should be able to modify the
example xml to this:
<bean id="SecureConnector"
class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
<property name="port" value="8161" />
<property name="keystore" value="some-path/ssl/server-keystore" />
<property name="password" value="some-passsword" />
<property name="excludeCipherSuites" value="SSLv3" />
</bean>
You just need to add that excludeCipherSuites property.
On Thu, Jul 9, 2015 at 12:32 AM, shlomos <shlomi.avi...@nice.com> wrote:
> Have you found a solution for this case ?
>
> Thanks !!
>
>
>
> --
> View this message in context:
> http://activemq.2283324.n4.nabble.com/Disabling-SSLv3-in-embedded-web-console-jetty-tp4687156p4698861.html
> Sent from the ActiveMQ - User mailing list archive at Nabble.com.
>
