You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Khalid Yusuf Diriye (JIRA)" <ji...@apache.org> on 2018/05/03 21:25:00 UTC
[jira] [Updated] (KNOX-1291) User Guide Documentation - Gateway
Server Configuration - ssl.exclude.ciphers & ssl.exclude.protocols need to
be updated
[ https://issues.apache.org/jira/browse/KNOX-1291?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Khalid Yusuf Diriye updated KNOX-1291:
--------------------------------------
Summary: User Guide Documentation - Gateway Server Configuration - ssl.exclude.ciphers & ssl.exclude.protocols need to be updated (was: Gateway Server Configuration - ssl.exclude.ciphers & ssl.exclude.protocols need to be updated)
> User Guide Documentation - Gateway Server Configuration - ssl.exclude.ciphers & ssl.exclude.protocols need to be updated
> ------------------------------------------------------------------------------------------------------------------------
>
> Key: KNOX-1291
> URL: https://issues.apache.org/jira/browse/KNOX-1291
> Project: Apache Knox
> Issue Type: Improvement
> Affects Versions: 0.9.0, 1.0.0
> Reporter: Khalid Yusuf Diriye
> Priority: Minor
>
> Small fix
> Apache Knox Gateway 1.0.x & 0.9.x User’s Guides need to be updated.([https://knox.apache.org/books/knox-1-0-0/user-guide.html#Gateway+Server+Configuration|http://example.com])
> Under Gateway Server Configuration
> |ssl.exclude.ciphers|A comma separated list of ciphers to reject for SSL. See the [JSSE Provider docs|http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SunJSSEProvider] for possible ciphers. These can also contain regular expressions as shown in the [Jetty documentation|http://www.eclipse.org/jetty/documentation/current/configuring-ssl.html].|none|
> |ssl.exclude.protocols|Excludes a comma separated list of protocols to not accept for SSL or “none”|SSLv3|
> It's stated that a comma separated list should be used however, I've tested pipe delimited and that works for both ciphers and protocols!
> I can guess the same will go for ssl.include.ciphers.
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)