users@grizzly.java.net

Re: SSLSelectorThread setEnabledCipherSuites not working as expected.

From: Oleksiy Stashok <oleksiy.stashok_at_oracle.com>
Date: Tue, 24 Apr 2012 15:03:02 +0200

Hi Saby,

pls. change this

enabledCipherSuites={"SSL_RSA_WITH_RC4_128_SHA,TLS_KRB5_WITH_RC4_128_SHA"};


to

enabledCipherSuites={"SSL_RSA_WITH_RC4_128_SHA", "TLS_KRB5_WITH_RC4_128_SHA"};


Regarding the scanning tool etc.:
It properly shows you *all* cipher suites available for the client,
regardless of the server SSL configuration.
But after the SSL handshake is complete, check the current cipher suite:

System.out.println("CipherSuite=" + sslSocket.getSession().getCipherSuite());

It has to be the one allowed for both client and server.

Hope this will help.

WBR,
Alexey.

On 04/24/2012 01:03 PM, Sabyasachi Biswas wrote:
> Hi Alexey,
>
> Ok, thank you. I will wait to hear from you.
>
> Regards,
> Saby..
>
>
> On 4/23/12, Oleksiy Stashok <oleksiy.stashok_at_oracle.com> wrote:
>> Hi Saby,
>>
>> sorry I didn't have time today. Will reply tomorrow asap.
>>
>> WBR,
>> Alexey.
>>
>> On 04/23/2012 06:42 PM, Sabyasachi Biswas wrote:
>>> Hi,
>>>
>>> Please can someone help me with this problem?
>>> Thanks a lot in advance.
>>>
>>> Regards,
>>> Saby..
>>>
>>> On Sat, Apr 21, 2012 at 11:54 AM, Sabyasachi Biswas
>>> <sabyforjava_at_gmail.com> wrote:
>>>
>>>
>>> Hello All,
>>>
>>> I am using Grizzly 1.9.46 for a SOAP Messaging server. I have
>>> configured the server to run with SSL. Now, in this SSL
>>> configuration, I wish to disable a few cipher suites
>>> and enable only a few cipher suites. For that, I did the following:
>>>
>>> GrizzlyWebServer grizzlyWebServer = new GrizzlyWebServer(port, WEB_APP_ROOT, true);
>>> //rest of the config
>>> SSLSelectorThread sslSelectorThread = (SSLSelectorThread) grizzlyWebServer.getSelectorThread();
>>> String[] enabledCipherSuites={"SSL_RSA_WITH_RC4_128_SHA,TLS_KRB5_WITH_RC4_128_SHA"};
>>> sslSelectorThread.setEnabledCipherSuites(enabledCipherSuites);
>>>
>>> Now, when I scan the port with an SSL scanning tool like
>>> "SSLScanner", I see more cipher suites enabled than I wished to
>>> enable.
>>> The same effect is also visible when I connect to it with sockets:
>>>
>>> SSLSocketFactory sslsf = (SSLSocketFactory) SSLSocketFactory.getDefault();
>>> SSLSocket sslSocket = (SSLSocket) sslsf.createSocket("myhost", 443);
>>> String[] cipherSuites = sslSocket.getEnabledCipherSuites();
>>>
>>> for (String ciphers : cipherSuites) {
>>>     LOGGER.debug("Available ciphers ::" + ciphers);
>>> }
>>>
>>> Please can you tell me why this is not working and what I am doing wrong?
>>> Thank you in advance.
>>>
>>> Regards,
>>> Saby..
>>>
>>>
>>>
>>
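
The array fix discussed in this thread can be checked before the list reaches a setter such as `setEnabledCipherSuites`. The following is an added example, not code from the thread or from Grizzly: it compares each requested entry with the names the JVM's JSSE provider supports and flags a comma-joined element. The class name `CipherSuiteCheck` and the helper `unsupported` are hypothetical, and which names count as supported depends on the Java version it runs on.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

// Hypothetical helper class, added for illustration.
public class CipherSuiteCheck {

    /** Returns the requested entries that the JSSE provider does not list as a supported suite name. */
    static List<String> unsupported(String[] requested, SSLEngine engine) {
        Set<String> supported = new HashSet<>(Arrays.asList(engine.getSupportedCipherSuites()));
        List<String> bad = new ArrayList<>();
        for (String name : requested) {
            if (!supported.contains(name)) {
                bad.add(name);
            }
        }
        return bad;
    }

    public static void main(String[] args) throws Exception {
        // Engine from the JVM default context; no keystore or network is needed for this check.
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();

        // The two arrays from the thread: one element holding two names, then two elements.
        String[] joined = {"SSL_RSA_WITH_RC4_128_SHA,TLS_KRB5_WITH_RC4_128_SHA"};
        String[] split = {"SSL_RSA_WITH_RC4_128_SHA", "TLS_KRB5_WITH_RC4_128_SHA"};

        for (String[] requested : new String[][] {joined, split}) {
            System.out.println("requested, " + requested.length + " element(s): " + Arrays.toString(requested));
            List<String> bad = unsupported(requested, engine);
            for (String name : bad) {
                String hint = name.contains(",") ? " (contains a comma: several names in one string?)" : "";
                System.out.println("  not a supported suite name: " + name + hint);
            }
            if (bad.isEmpty()) {
                // Only reached when every name is supported, so the setter will not throw.
                engine.setEnabledCipherSuites(requested);
                System.out.println("  enabled now: " + Arrays.toString(engine.getEnabledCipherSuites()));
            }
        }
    }
}
```

On a JVM that no longer supports these RC4 or Kerberos suites, the second array is reported as unsupported too, which is a separate finding from the comma-joined element.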