-------- Original Message --------
Subject: disable weak and medium cihpers
From: glassfish@javadesktop.org
Date: Thu, December 03, 2009 10:30 am
To: users@glassfish.dev.java.net

Based on my previous experience like usually it relates to the type of the certificate that is being used on the application.
Maybe someone will be able to help me with the following questions:

How to enforce strong ciphers (TLS 1.0 only)?
How to replace self generated certificate? (we need to replace it from being signed by MD5 to SHA )

I saw few options under domain.xml
Ssl3-enabled=”true” if I set to false does it mean that SSL3.0 will be disabled?
Tls-rollback-enabled=”true” what does this option do?

Thanks
[Message sent by forum member 'drumik' ]

http://forums.java.net/jive/thread.jspa?messageID=374594

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net