2021-09-04 21:12:10 +07:00
|
|
|
<?xml version="1.0"?>
|
|
|
|
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "https://www.eclipse.org/jetty/configure_10_0.dtd">
|
2020-10-31 05:53:36 +07:00
|
|
|
|
2021-09-04 21:12:10 +07:00
|
|
|
<!-- ============================================================= -->
|
|
|
|
<!-- SSL ContextFactory configuration -->
|
|
|
|
<!-- ============================================================= -->
|
2020-10-31 05:53:36 +07:00
|
|
|
|
|
|
|
<!--
|
|
|
|
To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at
|
|
|
|
https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites
|
|
|
|
-->
|
2016-07-08 15:40:24 +07:00
|
|
|
|
2020-05-18 17:01:32 +07:00
|
|
|
<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory$Server">
|
2020-10-31 05:53:36 +07:00
|
|
|
<Set name="Provider"><Property name="jetty.sslContext.provider"/></Set>
|
2016-07-08 15:40:24 +07:00
|
|
|
<Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" deprecated="jetty.keystore" default="etc/keystore"/></Set>
|
|
|
|
<Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" deprecated="jetty.keystore.password" default="@ADEMPIERE_KEYSTOREPASS@"/></Set>
|
|
|
|
<Set name="KeyStoreType"><Property name="jetty.sslContext.keyStoreType" default="JKS"/></Set>
|
|
|
|
<Set name="KeyStoreProvider"><Property name="jetty.sslContext.keyStoreProvider"/></Set>
|
|
|
|
<Set name="KeyManagerPassword"><Property name="jetty.sslContext.keyManagerPassword" deprecated="jetty.keymanager.password" default="@ADEMPIERE_KEYSTOREPASS@"/></Set>
|
|
|
|
<Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.trustStorePath" deprecated="jetty.truststore" default="etc/keystore"/></Set>
|
|
|
|
<Set name="TrustStorePassword"><Property name="jetty.sslContext.trustStorePassword" deprecated="jetty.truststore.password"/></Set>
|
|
|
|
<Set name="TrustStoreType"><Property name="jetty.sslContext.trustStoreType"/></Set>
|
|
|
|
<Set name="TrustStoreProvider"><Property name="jetty.sslContext.trustStoreProvider"/></Set>
|
2020-10-31 05:53:36 +07:00
|
|
|
<Set name="EndpointIdentificationAlgorithm"><Property name="jetty.sslContext.endpointIdentificationAlgorithm"/></Set>
|
2016-07-08 15:40:24 +07:00
|
|
|
<Set name="NeedClientAuth"><Property name="jetty.sslContext.needClientAuth" deprecated="jetty.ssl.needClientAuth" default="false"/></Set>
|
|
|
|
<Set name="WantClientAuth"><Property name="jetty.sslContext.wantClientAuth" deprecated="jetty.ssl.wantClientAuth" default="false"/></Set>
|
2020-10-31 05:53:36 +07:00
|
|
|
<Set name="useCipherSuitesOrder"><Property name="jetty.sslContext.useCipherSuitesOrder" default="true"/></Set>
|
|
|
|
<Set name="sslSessionCacheSize"><Property name="jetty.sslContext.sslSessionCacheSize" default="-1"/></Set>
|
|
|
|
<Set name="sslSessionTimeout"><Property name="jetty.sslContext.sslSessionTimeout" default="-1"/></Set>
|
|
|
|
<Set name="RenegotiationAllowed"><Property name="jetty.sslContext.renegotiationAllowed" default="true"/></Set>
|
|
|
|
<Set name="RenegotiationLimit"><Property name="jetty.sslContext.renegotiationLimit" default="5"/></Set>
|
|
|
|
<Set name="SniRequired"><Property name="jetty.sslContext.sniRequired" default="false"/></Set>
|
2016-07-08 15:40:24 +07:00
|
|
|
<Set name="renegotiationAllowed">FALSE</Set>
|
|
|
|
<Set name="ExcludeCipherSuites">
|
|
|
|
<Array type="String">
|
2020-10-31 05:53:36 +07:00
|
|
|
<Item>.*NULL.*</Item>
|
|
|
|
<Item>.*RC4.*</Item>
|
|
|
|
<Item>.*MD5.*</Item>
|
|
|
|
<Item>.*DES.*</Item>
|
|
|
|
<Item>.*DSS.*</Item>
|
|
|
|
<Item>.*_RSA_.*SHA1$</Item>
|
|
|
|
<Item>.*_RSA_.*SHA$</Item>
|
|
|
|
<Item>.*_RSA_.*MD5$</Item>
|
2016-07-08 15:40:24 +07:00
|
|
|
<Item>TLS_NULL_WITH_NULL_NULL</Item>
|
|
|
|
<Item>TLS_RSA_WITH_NULL_MD5</Item>
|
|
|
|
<Item>TLS_RSA_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_RSA_EXPORT_WITH_RC4_40_MD5</Item>
|
|
|
|
<Item>TLS_RSA_WITH_RC4_128_MD5</Item>
|
|
|
|
<Item>TLS_RSA_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5</Item>
|
|
|
|
<Item>TLS_RSA_WITH_IDEA_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_WITH_DES_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_DES_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_DES_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_DES_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_DES_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_anon_EXPORT_WITH_RC4_40_MD5</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_RC4_128_MD5</Item>
|
|
|
|
<Item>TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_DES_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_KRB5_WITH_DES_CBC_SHA</Item>
|
|
|
|
<Item>TLS_KRB5_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_KRB5_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_KRB5_WITH_IDEA_CBC_SHA</Item>
|
|
|
|
<Item>TLS_KRB5_WITH_DES_CBC_MD5</Item>
|
|
|
|
<Item>TLS_KRB5_WITH_3DES_EDE_CBC_MD5</Item>
|
|
|
|
<Item>TLS_KRB5_WITH_RC4_128_MD5</Item>
|
|
|
|
<Item>TLS_KRB5_WITH_IDEA_CBC_MD5</Item>
|
|
|
|
<Item>TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA</Item>
|
|
|
|
<Item>TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA</Item>
|
|
|
|
<Item>TLS_KRB5_EXPORT_WITH_RC4_40_SHA</Item>
|
|
|
|
<Item>TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5</Item>
|
|
|
|
<Item>TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5</Item>
|
|
|
|
<Item>TLS_KRB5_EXPORT_WITH_RC4_40_MD5</Item>
|
|
|
|
<Item>TLS_PSK_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_WITH_NULL_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_CAMELLIA_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_AES_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_AES_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_AES_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_AES_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_AES_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_CAMELLIA_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_PSK_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_PSK_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_WITH_SEED_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_SEED_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_SEED_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_SEED_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_SEED_CBC_SHA</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_SEED_CBC_SHA</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_AES_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_AES_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_AES_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_AES_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_AES_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_AES_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_AES_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_AES_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_PSK_WITH_NULL_SHA256</Item>
|
|
|
|
<Item>TLS_PSK_WITH_NULL_SHA384</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_AES_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_NULL_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_NULL_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_AES_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_NULL_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_NULL_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_anon_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_anon_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_anon_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDH_anon_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_RC4_128_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_NULL_SHA</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_NULL_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_NULL_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_WITH_ARIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_ARIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_ARIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_ARIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_PSK_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_PSK_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_PSK_WITH_ARIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_PSK_WITH_ARIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384</Item>
|
|
|
|
<Item>TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256</Item>
|
|
|
|
<Item>TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_128_CCM</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_256_CCM</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_128_CCM_8</Item>
|
|
|
|
<Item>TLS_RSA_WITH_AES_256_CCM_8</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_128_CCM</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_256_CCM</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_128_CCM_8</Item>
|
|
|
|
<Item>TLS_PSK_WITH_AES_256_CCM_8</Item>
|
|
|
|
</Array>
|
|
|
|
</Set>
|
2020-10-31 05:53:36 +07:00
|
|
|
<Set name="ExcludeProtocols">
|
|
|
|
<Array type="java.lang.String">
|
|
|
|
<Item>SSL</Item>
|
|
|
|
<Item>SSLv2</Item>
|
|
|
|
<Item>SSLv2Hello</Item>
|
|
|
|
<Item>SSLv3</Item>
|
|
|
|
</Array>
|
|
|
|
</Set>
|
|
|
|
<!-- Example of how to configure a PKIX Certificate Path revocation Checker
|
|
|
|
<Call id="pkixPreferCrls" class="java.security.cert.PKIXRevocationChecker$Option" name="valueOf"><Arg>PREFER_CRLS</Arg></Call>
|
|
|
|
<Call id="pkixSoftFail" class="java.security.cert.PKIXRevocationChecker$Option" name="valueOf"><Arg>SOFT_FAIL</Arg></Call>
|
|
|
|
<Call id="pkixNoFallback" class="java.security.cert.PKIXRevocationChecker$Option" name="valueOf"><Arg>NO_FALLBACK</Arg></Call>
|
|
|
|
<Call class="java.security.cert.CertPathBuilder" name="getInstance">
|
|
|
|
<Arg>PKIX</Arg>
|
|
|
|
<Call id="pkixRevocationChecker" name="getRevocationChecker">
|
|
|
|
<Call name="setOptions">
|
|
|
|
<Arg>
|
|
|
|
<Call class="java.util.EnumSet" name="of">
|
|
|
|
<Arg><Ref refid="pkixPreferCrls"/></Arg>
|
|
|
|
<Arg><Ref refid="pkixSoftFail"/></Arg>
|
|
|
|
<Arg><Ref refid="pkixNoFallback"/></Arg>
|
|
|
|
</Call>
|
|
|
|
</Arg>
|
|
|
|
</Call>
|
|
|
|
</Call>
|
|
|
|
</Call>
|
|
|
|
<Set name="PkixCertPathChecker"><Ref refid="pkixRevocationChecker"/></Set>
|
|
|
|
-->
|
|
|
|
|
2020-05-18 17:01:32 +07:00
|
|
|
</Configure>
|