You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@ofbiz.apache.org by jl...@apache.org on 2014/11/05 14:22:48 UTC

svn commit: r1636870 - /ofbiz/branches/release12.04/framework/appserver/templates/tomcat6/server.xml

Author: jleroux
Date: Wed Nov  5 13:22:48 2014
New Revision: 1636870

URL: http://svn.apache.org/r1636870
Log:
Fixes the Poodle vulnerability following indications from "The Poodle fixer" at https://issues.apache.org/jira/browse/OFBIZ-5848

Note that this fix requires to use at least Tomcat 6.0.32 as explained at https://blogs.atlassian.com/2014/10/ssl-poodle/#comment-190966

Modified:
    ofbiz/branches/release12.04/framework/appserver/templates/tomcat6/server.xml

Modified: ofbiz/branches/release12.04/framework/appserver/templates/tomcat6/server.xml
URL: http://svn.apache.org/viewvc/ofbiz/branches/release12.04/framework/appserver/templates/tomcat6/server.xml?rev=1636870&r1=1636869&r2=1636870&view=diff
==============================================================================
--- ofbiz/branches/release12.04/framework/appserver/templates/tomcat6/server.xml (original)
+++ ofbiz/branches/release12.04/framework/appserver/templates/tomcat6/server.xml Wed Nov  5 13:22:48 2014
@@ -80,7 +80,7 @@
          described in the APR documentation -->
     <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
                maxThreads="150" scheme="https" secure="true"
-               clientAuth="false" sslProtocol="TLS"
+               clientAuth="false" sslProtocol="TLSv1.1" protocols="TLSv1.1" 
                keystoreFile="${ofbizHome}/framework/base/config/ofbizssl.jks"
                keystorePass="changeit"/>