You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/03/06 13:21:57 UTC
svn commit: r1664599 -
/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
Author: markt
Date: Fri Mar 6 12:21:57 2015
New Revision: 1664599
URL: http://svn.apache.org/r1664599
Log:
Exclude cipher suites that use RSA key exchange. The remaining ciphers (with Java 8 at least) all then support forward secrecy.
Modified:
tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
Modified: tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java?rev=1664599&r1=1664598&r2=1664599&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/util/net/AbstractEndpoint.java Fri Mar 6 12:21:57 2015
@@ -52,7 +52,7 @@ public abstract class AbstractEndpoint<S
// -------------------------------------------------------------- Constants
- protected static final String DEFAULT_CIPHERS = "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5";
+ protected static final String DEFAULT_CIPHERS = "HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA";
protected static final StringManager sm = StringManager.getManager(
AbstractEndpoint.class.getPackage().getName());
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org