AnsweredAssumed Answered

Need "webview jetty config" help....ASAP!!!

Question asked by mparikh72 Champion on Mar 23, 2016
Latest reply on Mar 23, 2016 by mparikh72

On WebView install v10.1 will I need to add the following lines to the “webview-jetty-config.xml” file?

 

<!-- This is for LogJam Vulnerability and also for BAE Systems

for C&A efforts to address SSL Cipher Vulnerabilities

-->

<Set name="cipherSuites">

<Array type="java.lang.String">

<Item>TLS_RSA_WITH_AES_128_CBC_SHA</Item>

<Item>TLS_RSA_WITH_AES_128_CBC_SHA256</Item>

<Item>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</Item>

</Array>

</Set>

 

Because it already has the following entries…

 

<!-- List of accepted protocols. You can add or remove any individual protocols (under <Item>) but do not comment out the whole set as EM start up will fail -->

<!-- SSLv2Hello can be added for compatibility purpose when using SUN/Oracle JVM-->

<!-- SSLv2Hello is not an accepted protocol for IBM JVM. Use SSL instead of SSLv2Hello if using IBM JVM -->

<!-- IBM JVM  also provides the following protocols which can be added below: SSL_TLSv2, SSL_TLS, SSL -->

<Set name="protocols">

<Array type="java.lang.String">

<Item>TLSv1.2</Item>

<Item>TLSv1.1</Item>

<Item>TLSv1</Item>

</Array>

  </Set>

 

KulbirNijjer Hiko_Davis Guenter_Grossberger Keith.W Viruvaibhav_apm nkarthik Fred.K whibr08 Richard_Little

Outcomes