You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2015/05/18 18:26:00 UTC

[jira] [Resolved] (CXF-6407) Use default JVM cipher suites if no filters are specified

     [ https://issues.apache.org/jira/browse/CXF-6407?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh resolved CXF-6407.
--------------------------------------
    Resolution: Fixed

> Use default JVM cipher suites if no filters are specified
> ---------------------------------------------------------
>
>                 Key: CXF-6407
>                 URL: https://issues.apache.org/jira/browse/CXF-6407
>             Project: CXF
>          Issue Type: Improvement
>            Reporter: Colm O hEigeartaigh
>            Assignee: Colm O hEigeartaigh
>             Fix For: 3.1.1
>
>
> Currently, a CXF client uses either the explicitly defined ciphersuites (in configuration or via a System property), and then falls back to using inclusion + exclusion filters on the full list of supported cipher suites. However, from JDK7 onwards, the insecure ciphers (null, anon, DES, EXPORT, etc.) are all disabled by default. So for CXF 3.1.x, we can fall back to use the default cipher suites of the JVM instead. If filters are given in configuration then we will continue to use them.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)