Using asadmin you can do this:
$asadmin
configs.config.server-config.network-config.protocols.protocol.<http-listener-name>.ssl.ssl3-enabled=false
WBR,
Alexey.
On 17.10.14 07:07, Lachezar Dobrev wrote:
> You can disable SSL3 for the HTTP Connectors.
> In the Admin console (the HTTPS one :)) find
> Configurations->server-config->HTTP Service->Http Listeners. For every
> connector there is a page 'General' where you can find a tick for
> enabling HTTPS called Security. For every connector that has Security
> enabled the page 'SSL' has a tick for enabling/disabling SSL3. By
> default SSL3 is disabled on the http-listener-2, but is enabled on the
> admin-listener.
> I suspect that there is a way to do this using the asadmin tool, but
> I'm not that versed with it.
>
> My personal credo is that no JavaEE server is secure enough to be
> accessible from the Internet. All the servers I use are behind an
> Apache façade that does the SSL and calls the actual server (which is
> not accessible in any alternate way to the outside world) using AJP.
> Other façade servers can be used too.
>
>
> 2014-10-16 19:32 GMT+03:00 <forums_at_java.net>:
>> I should also mention that I tried the https.protocols system property, also
>> with no luck.
>>
>> --
>>
>> [Message sent by forum member 'mmole']
>>
>> View Post: http://forums.java.net/node/930922
>>
>>