You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2014/11/05 14:06:20 UTC
svn commit: r1636864 - /ofbiz/trunk/framework/catalina/ofbiz-component.xml
Author: jleroux
Date: Wed Nov 5 13:06:19 2014
New Revision: 1636864
URL: http://svn.apache.org/r1636864
Log:
Fixes the Poodle vulnerability following indications from "The Poodle fixer" at https://issues.apache.org/jira/browse/OFBIZ-5848
We will certainly have to evolve this in the future because this correction forces the protocol to TLSv1.2
Modified:
ofbiz/trunk/framework/catalina/ofbiz-component.xml
Modified: ofbiz/trunk/framework/catalina/ofbiz-component.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/catalina/ofbiz-component.xml?rev=1636864&r1=1636863&r2=1636864&view=diff
==============================================================================
--- ofbiz/trunk/framework/catalina/ofbiz-component.xml (original)
+++ ofbiz/trunk/framework/catalina/ofbiz-component.xml Wed Nov 5 13:06:19 2014
@@ -146,7 +146,8 @@ under the License.
<property name="keystoreType" value="JKS"/>
<property name="keyAlias" value="ofbiz"/>
<property name="keyPass" value="changeit"/>
- <property name="sslProtocol" value="TLS"/>
+ <property name="sslProtocol" value="TLSv1.2"/>
+ <property name="sslEnabledProtocols" value="TLSv1.2"/>
<property name="ciphers" value=""/>
</property>
</container>
@@ -203,7 +204,8 @@ under the License.
<property name="keystoreFile" value="framework/base/config/ofbizssl.jks"/>
<property name="keystorePass" value="changeit"/>
<property name="keystoreType" value="JKS"/>
- <property name="sslProtocol" value="TLS"/>
+ <property name="sslProtocol" value="TLSv1.2"/>
+ <property name="sslEnabledProtocols" value="TLSv1.2"/>
<property name="ciphers" value=""/>
</property>
</container>