Re: [Wrapper-user] disable SSLv3

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hello,
I've tried installing Oracle JDK 7, with same results

# java -version
java version "1.7.0_71"
Java(TM) SE Runtime Environment (build 1.7.0_71-b14)
Java HotSpot(TM) 64-Bit Server VM (build 24.71-b01, mixed mode)

now the wrapper command looks like this:

/usr/java/jdk1.7.0_71/bin/java -Dhttps.protocols="TLSv1"
-Dsun.security.ssl.allowUnsafeRenegotiation=false (...)

(I've also added allowUnsafeRenegotiation=false)
some more hints?

thanks,
Lluís

El dt 30 de 12 de 2014 a les 20:01 +0100, en/na Dannes Wessels va
escriure:
> Hi,
> 
> > On 30 Dec 2014, at 14:57 , lluis <ll...@in...> wrote:
> > 
> > I am trying to disable SSLv3 to prevent POODLE attack on adito, which
> > uses wrapper. I've tried to add this
> > to /usr/local/src/adito-0.9.1/conf/wrapper.conf:
> > 
> > wrapper.java.additional.1=-Dhttps.protocols="TLSv1"
> > 
> > and in fact is added to the java command:
> > 
> > /usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/bin/java
> 
> the instructions you use are for the OracleVM ; I have my doubts whether it can be used for the OpenJDK6 VM (very old and incompatible with too much code).
> 
> The work around is... install the OracleVM ?
> 
> regards
> 
> Dannes
> 

-- 

Lluís Gili 
Ingent Grup Systems ~ http://www.ingent.net ~
Tel. 933935931