Java – how does GF3 (JDK 6) configure security protocols to remove outdated encryption

Java

In the company where I work, we have a server GF 3.1 with CAS 1 (JDK 6), which authenticates users in another system After the last update of Firefox (v.39x), we got the following information from the browser:

If you do not have this workaround or use another browser, you cannot access the site In chrome, I can access it normally, but if I look at the connection properties, it will say:

I can't configure all my customers' browsers or say they only use chrome Maybe chrome can do the same in the future So my solution is to configure the server correctly The problem is that I don't know what I should do

I found a place in GF where I can configure in configurations > Server config > network configuration > scheme > http-listner-2 > SSL

Then I found the here blacklist and some white lists of recommended passwords I tried to delete all black and all white But I still have this problem I think this list may be out of date

I appreciate any help

Solution

last. I found a solution

At:

>Add all available passwords > delete all Diffie Hellman passwords > save

After that, our application can be opened again on any browser I hope it can help someone

For administrators:

>Add all available passwords > delete all Diffie Hellman passwords > Save > Restart

Edit: compared with whitelist here, the remaining passwords that will become part of the new whitelist are:

White list

> TLS_ RSA_ WITH_ AES_ 128_ CBC_ SHA> SSL_ RSA_ WITH_ 3DES_ EDE_ CBC_ SHA

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.
THE END
分享
二维码
< <上一篇
下一篇>>