Author: jleroux
Date: Wed Nov 5 13:06:19 2014
New Revision: 1636864
URL:
http://svn.apache.org/r1636864Log:
Fixes the Poodle vulnerability following indications from "The Poodle fixer" at
https://issues.apache.org/jira/browse/OFBIZ-5848We will certainly have to evolve this in the future because this correction forces the protocol to TLSv1.2
Modified:
ofbiz/trunk/framework/catalina/ofbiz-component.xml
Modified: ofbiz/trunk/framework/catalina/ofbiz-component.xml
URL:
http://svn.apache.org/viewvc/ofbiz/trunk/framework/catalina/ofbiz-component.xml?rev=1636864&r1=1636863&r2=1636864&view=diff==============================================================================
--- ofbiz/trunk/framework/catalina/ofbiz-component.xml (original)
+++ ofbiz/trunk/framework/catalina/ofbiz-component.xml Wed Nov 5 13:06:19 2014
@@ -146,7 +146,8 @@ under the License.
<property name="keystoreType" value="JKS"/>
<property name="keyAlias" value="ofbiz"/>
<property name="keyPass" value="changeit"/>
- <property name="sslProtocol" value="TLS"/>
+ <property name="sslProtocol" value="TLSv1.2"/>
+ <property name="sslEnabledProtocols" value="TLSv1.2"/>
<property name="ciphers" value=""/>
</property>
</container>
@@ -203,7 +204,8 @@ under the License.
<property name="keystoreFile" value="framework/base/config/ofbizssl.jks"/>
<property name="keystorePass" value="changeit"/>
<property name="keystoreType" value="JKS"/>
- <property name="sslProtocol" value="TLS"/>
+ <property name="sslProtocol" value="TLSv1.2"/>
+ <property name="sslEnabledProtocols" value="TLSv1.2"/>
<property name="ciphers" value=""/>
</property>
</container>
Locked
