You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by avi39844 <av...@gmail.com> on 2014/12/17 18:30:16 UTC

CXF https server - Allowing null ciphers

Hi,

As server, I need only authentication without encryption so for deduce the
overhead 
I want to allow clients to connect with null ciphers. 
Can I have an option to configure it in CXF configuration file?

I've tried to include NULL ciphers in the filter (under TLS server
parameters) like this: <sec:include>.*_WITH_NULL_.*</sec:include>
but I keep getting: javax.net.ssl.SSLHandshakeException: no cipher suites in
common.

I've also tried to to set the ciphersuite element with supported ciphers
that my client connects with:
<sec:cipherSuites>
  <sec:cipherSuite>SSL_RSA_WITH_NULL_SHA</sec:cipherSuite>    
  <sec:cipherSuite>SSL_RSA_WITH_NULL_MD5</sec:cipherSuite>
</sec:cipherSuites>
and I still gets "no cipher suites in common". 

I've seen that  NULL ciphers aren't enabled by default in some JSSE
providers.
Do I have to to configure something more? maybe in jetty?

Any help will be appreciated!
Thanks,



--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-https-server-Allowing-null-ciphers-tp5752465.html
Sent from the cxf-user mailing list archive at Nabble.com.

Re: CXF https server - Allowing null ciphers

Posted by Colm O hEigeartaigh <co...@apache.org>.

FYI I've merged a fix for this issue to the CXF 3.0.x branch. So from the
next release it will be possible for the Jetty Server component to support
null ciphersuites solely by including the relevant ciphersuite name in the
httpj configuration.

Colm.

On Mon, Dec 22, 2014 at 5:23 PM, avi39844 <av...@gmail.com> wrote:

> Somehow it works now, but I still wait for more elegant way.
> Thanks,
>
>
> http://stackoverflow.com/questions/27549648/cxf-server-enable-ssl-null-ciphers
>
>
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/CXF-https-server-Allowing-null-ciphers-tp5752465p5752652.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>

-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: CXF https server - Allowing null ciphers

Posted by avi39844 <av...@gmail.com>.

Somehow it works now, but I still wait for more elegant way.
Thanks,

http://stackoverflow.com/questions/27549648/cxf-server-enable-ssl-null-ciphers





--
View this message in context: http://cxf.547215.n5.nabble.com/CXF-https-server-Allowing-null-ciphers-tp5752465p5752652.html
Sent from the cxf-user mailing list archive at Nabble.com.