Understanding web subsystem and TLS configurations Jboss EAP 6.4
Question
We would like to enforce all the connections both inbound and outbound to use TLSv1.2 protocol. I would like to understand if the configuration available in web subsystem->connector->ssl protocol is valid for both inbound and outbound connection
<subsystem xmlns="urn:jboss:domain:web:2.2" default-virtual-server="default-host" native="false">
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
<connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true">
<ssl name="https" key-alias="jbossfuse" password="password" protocol="TLSv1.2" certificate-key-file="C:/Temp/truststore/jbossfuse-dev.jks"/>
</connector>
<virtual-server name="default-host" enable-welcome-root="false">
<alias name="localhost"/>
<alias name="example.com"/>
</virtual-server>
</subsystem>
1 answers
solution1
0 2018-10-17 11:12:22
You have to configure TLSv1.2 enabled protocols for security-realms with the following configuration in tag.
<server-identities>
<ssl>
<engine enabled-protocols="TLSv1.1 TLSv1.2" />
<keystore ... />
</ssl>
....
</server-identities>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Patching JBoss EAP 6.4 fails
Queue lookup in JBoss EAP 6.4
RestEasy + Jackson and JBoss EAP 6.4
NoClassDefFoundError in JBOSS EAP6.4
Jboss (6.4 EAP) to WebSphere (7.x)
jboss eap 6.4 in maven access failed
Migrate from Jboss EAP 6.4 to WildFly 21
Compatibility of ejb with jdk 1.8 and jboss eap 6.4
Error deploying WAR file on JBOSS EAP 6.4
cannot run service jboss eap 6.4
Related Tags