Is there any JVM option or Grizzly framework config file to prevent SSLv3 connections ? Somehow to disable SSLv3 and allow TLS cipher only. Any other idea is welcome.
Asked
Active
Viewed 2,176 times
3
-
Have you considered to run GlassFish behind a reverse proxy (Apache HTTP) server? One could fix the Poodle vulnerability with just one line in the configuration file. – mjn Oct 21 '14 at 11:57
-
Maybe you can share this apache config. Even though this interface is internal on the oam interface and I have no means to put a proxy infront. – user2050516 Oct 21 '14 at 12:08
-
`SSLProtocol All -SSLv2 -SSLv3` (see also: https://bettercrypto.org/) – mjn Oct 21 '14 at 12:46
1 Answers
2
Do you have a web admin console in GlassFish 2? In GlassFish 3, the admin can disable SSLv3 under Network Config / Network Listeners / http-listener-n / SSL tab
See screenshots at http://javadude.wordpress.com/2010/04/06/getting-started-with-glassfish-v3-and-ssl/
mjn
- 36,362
- 28
- 176
- 378
-
that looks promising, I have the SSL tab. I have to test ... I will be back after some time – user2050516 Oct 21 '14 at 13:31