You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2014/08/04 19:08:49 UTC

svn commit: r1615693 - /tomcat/trunk/webapps/docs/config/http.xml

Author: markt
Date: Mon Aug  4 17:08:49 2014
New Revision: 1615693

URL: http://svn.apache.org/r1615693
Log:
Remove references to the deleted system property. Document the current default.

Modified:
    tomcat/trunk/webapps/docs/config/http.xml

Modified: tomcat/trunk/webapps/docs/config/http.xml
URL: http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/config/http.xml?rev=1615693&r1=1615692&r2=1615693&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/config/http.xml (original)
+++ tomcat/trunk/webapps/docs/config/http.xml Mon Aug  4 17:08:49 2014
@@ -1087,11 +1087,10 @@
       <p>The list can also use ':' as a separator, in that case
       it will use the OpenSSL syntax (see OpenSSL documentation for the list
       of ciphers supported and the syntax).</p>
-      <p>The default cipher suite can be set using the
-      <code>tomcat.ssl.ciphers</code> system property.</p>
-      <p>If not specified, the default ciphers
-      for the JVM will be used. Note that this usually means that the weak
-      export grade ciphers will be included in the list of available ciphers.</p>
+      <p>If not specified, a default (using the OpenSSL notation) of
+      <code>HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5</code> will be used.</p>
+      <p>Note that Java does treat the order in which ciphers are defined as an
+      order of preference.</p>
     </attribute>
 
     <attribute name="clientAuth" required="false">
@@ -1344,12 +1343,9 @@
     </attribute>
 
     <attribute name="SSLCipherSuite" required="false">
-      <p>Ciphers which may be used for communicating with clients.
-      The default cipher suite can be set using the
-      <code>tomcat.ssl.ciphers</code> system property. The default
-      is "ALL", with other acceptable values being a list of ciphers, with ":"
-      used as the delimiter (see OpenSSL documentation for the list of ciphers
-      supported).</p>
+      <p>Ciphers which may be used for communicating with clients. The default
+      is <code>HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5</code>. See the OpenSSL
+      documentation for details of the syntax for this attribute.</p>
     </attribute>
 
     <attribute name="SSLDisableCompression" required="false">



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org