[CXF-6086] Disable SSLv3 by default for clients (+ servers based on Jetty) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.0.3, 2.7.14
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

This task is to disable SSLv3 by default for both clients, as well as Jetty servers configured via CXF's HTTPJ namespace, due to the POODLE attack.

Attachments

Activity

People

Assignee:: Colm O hEigeartaigh

Reporter:: Colm O hEigeartaigh

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Nov/14 17:11

Updated:: 16/Feb/15 16:09

Resolved:: 05/Nov/14 17:12