...
- Make a backup of the
<PRODUCT_HOME>/repository/conf/tomcat/catalina-server.xmlfile and stop the server (same as for disabling SSL version 3). Add the
cipherattribute to the existing configuration in thecatalina-server.xmlfile by adding the list of ciphers that you want your server to support as follows:ciphers="<cipher-name>,<cipher-name>".Code Block ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"Start the server.
...
Configuring the PassThrough transport
If you have enabled the pass-through PassThrough transport, do the following:
Stop the server.
Open the
<ESB_HOME>/repository/conf/axis2/axis2.xmlfile and based on the JDK version you are using add the specified parameter under the under the<transportReceiver name="https" class="org.apache.synapse.transport.passthru.PassThroughHttpSSLListener">element as well as under the the<transportSender name="https" class="org.apache.synapse.transport.passthru.PassThroughHttpSSLSender">element.If you are using JDK 1.6, add the following parameter:
Code Block <parameter name="HttpsProtocols">TLSv1</parameter>
If you are using JDK 1.7, add the following parameter:
Code Block <parameter name="HttpsProtocols">TLSv1,TLSv1.1,TLSv1.2</parameter>If you are using JDK 1.8, add the following parameter:
Code Block <parameter name="HttpsProtocols">TLSv1,TLSv1.1,TLSv1.2</parameter>
Start the server.
Test the pass-through transport using the following command with the corresponding port:
Code Block $ java -jar TestSSLServer.jar localhost 8243