You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/03/06 13:21:57 UTC

svn commit: r1664599 - /tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java

Author: markt
Date: Fri Mar  6 12:21:57 2015
New Revision: 1664599

URL: http://svn.apache.org/r1664599
Log:
Exclude cipher suites that use RSA key exchange. The remaining ciphers (with Java 8 at least) all then support forward secrecy.

Modified:
    tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java

Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1664599&r1=1664598&r2=1664599&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Fri Mar  6 12:21:57 2015
@@ -52,7 +52,7 @@ public abstract class AbstractEndpoint<S
 
     // -------------------------------------------------------------- Constants
 
-    protected static final String DEFAULT_CIPHERS = "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5";
+    protected static final String DEFAULT_CIPHERS = "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA";
 
     protected static final StringManager sm = StringManager.getManager(
             AbstractEndpoint.class.getPackage().getName());



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org