How to disable weak-ciphers on rmi port on Jboss 4.2.3GA?

I don't have any service connector port setting for rmi in file /deploy/jboss-web.deployer/server.xml. I have an mbean for org.jboss.invocation.jrmp.server.JRMPInvoker in /conf/jboss-service.xml...

Using different cipher than default

I need to connect to a server using only one cipher - "ADH-RC4-MD5". I'm looking for a generic solution which will enable me to check what cipher the server is using (I'm a provisioning server...

How to debug SSL/TLS in server side

I have an application which connects to the server using ssl/tls protocol, what I want to know is in which cipher does it choses to do the handshake, my application server is on IIS win2008r2 ,...

How do I disallow particular SSL protocols in Jetty?

I have a web application running on Jetty 6 + Open JDK 7 on Debian 6.0.7. I have a security requirement to accept a TLS handshake but not an SSLv3.0 handshake when a client initiates an HTTPS...

Awk vs Awk + cut vs. bash

We all know that there are always multiple ways to solve a problem. I was wondering what the upsides and downsides of each of the particular solutions in one case would be. Time- and space-wise...

Why don't Node.js TLS supported ciphers correspond to the openssl supported ciphers?

According to openssl, these are the ciphers that it supports: DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS ...

Install SSL on EC2 Tomcat server

I'm trying to get a CA cert/SSL working on an AWS EC2 instance with Ubuntu and Tomcat 7.0.52. Browser's fail to connect. Here are the steps I went thru: keytool -genkey -alias mydomain -keyalg RSA...

ImportError: No module named sslscan

I am trying to install SSLScan from source. I cloned the git repo from https://github.com/DinoTools/sslscan.git And did the following: mkdir build cd build cmake .. make make install I will...

How to disable the SSLv3 protocol in Jetty to prevent Poodle Attack

Is there any specific exclusion list available which disables only SSLv3 ciphers are not TLSv1/2. I have jetty 8, and upgrading to 9 is not an option now. My current jetty-ssl.xml looks as...

Upgrading to latest version of Git

Trying to upgrade to the latest version of Git. because I get the message "Your version of git is 1.8.5.2. Which has serious security vulnerabilities" I have upgraded via homebrew but it still...

How do i get more Cipher suites available in WildFly 8

due to the Logjam attack i had to revisit my available cipher suites. I use WildFly 8.2 and Java 7 u67. I use sslscan to test available cipher suites. Initially i had this available: Then i...

Internet Explorer HTTPS request aborted?

I installed a new signed certificate (SHA256 instead of SHA1) on my tomcat server. I initialized a new keystore like the old one. But after this I am unable to connect to my site via the Internet...

Parse multiple XML Tags in Go

I'm trying to parse an xml file for sslscan which has the following output (shortened). I want to parse it with Go. <document title="SSLScan Results"> <ssltest host="x.x.x.x" port="443"> ...

sslscan: TLS renegotiation: ERROR: Could not open a connection to host on port 443

I am trying to find out what ciphers a server is now currently accepting, so I used sslscan to check, but it stops after "TLS renegotiation": [root]# ./sslscan 10.116.41.12:443 Version:...

Cannot disable SSLv3 on Amazon Linux Instance

I am using SSL Certificate issued by Go Daddy. On my Linux Instance following are the software details :- Apache Version - Apache/2.4.16 (Amazon) Openssl Version - OpenSSL 1.0.1k-fips 8 Jan...

SSL on embedded tomcat 8 (Spring boot) )is not working

I generated symmetric key AES with 128 bit using the following command. keytool -genseckey -alias myPvtKey -keyalg AES -keysize 128 -storetype jceks -keystore myPvt.jks gave the keystore password...

Git warnings when updating homebrew OS X

Last login: Mon Mar 7 17:35:51 on console ~ brew update warning: unable to access '/Users/Jason/.config/git/ignore': Permission denied warning: unable to access...

How do I support TLS 1.x only (in my webservice)?

I'm trying to control what TLS/SSL protocols are supported for a HTTPS connections to my webservice, by using a TIdServerIOHandlerSSLOpenSSL component and setting its SSLOptions.Method and...

Configuring SSL cipher suites for Jetty

I am trying to set the allowed ssl cipher suites for the embedded jetty server in my application. If I only use IncludeCipherSuites setting for SslContextFactory in the xml file setting for some...

Can't disable TLSv1 and RC4-SHA

I need to unsupport TLSv1 and RC4-SHA So i have this lines in my ssl.conf SSLProtocol +TLSv1.2 +TLSv1.1 -TLSv1 SSLCompression off SSLHonorCipherOrder on SSLCipherSuite...

apache + nginx ssl ciphers to enable / disable in 07/2016

on the one hand i would like to disable as many (weak) ciphers as possible but on the other hand don't want to exclude too many users. So i read much stuff and saw many examples. Some of them are...

Jetty 9.3.8.v20160314 rejects TLSv1 and TLSv1.1 but not TLSv1.2 connections

Ubuntu 14.04.4 LTS (GNU/Linux 3.13.0-91-generic x86_64) java version "1.8.0_91" Java(TM) SE Runtime Environment (build 1.8.0_91-b14) Java HotSpot(TM) 64-Bit Server VM (build 25.91-b14, mixed...

SSL/TLS secure channel issues

I'm connecting to a server using TLS 1.2 SRV 2K12 R2 but ultimately getting the dreaded "COULD NOT CREATE SSL/TLS SECURE CHANNEL". I was wondering if it'd be possible to figure out the reason via...

Why I cannot disable 128bit cipher in node https?

I try to only use 256bit cipher suites only with following setup: const https = require('https'); const fs = require('fs'); const constants = require('constants'); const serverKey =...

How to harden rails+webrick+https with insecure ciphers removed on Ruby 2.2

Updated: At first, my test code didn't adequately show ruby 2.4 sees the :SSLCiphers option whereas ruby 2.2 does not. I have edited the example code below to make that clear. Updated: Since my...

sslscan.c:94:25: fatal error: openssl/err.h: No such file or directory compilation terminated. #163

I am need to install sslscan tool for ssl scanning (from here) in ubuntu virtual machine (virtualbox). Following their installation instructions provided here, I installed openssl-chacha from...

I am using websockify 0.8.0 the latest version, but it doesn't support TLS-1.2

I am using websockify 0.8.0 the latest version, but it doesn't support TLS-1.2 by default. I am looking for the strong cipher to be displayed for sslscan --no-hearbleed hostname:6080 command...

Tomcat 8.5.34 accepted ciphers/protocols when using OpenSSLImplementation

I'm using tomcat version 8.5.34 and is put behind a NGINX. Because i want to reuse the connection (prevent repeating handshakes) i'm investigating the ussage of OpenSSLImplementation. My...

Azure text-to-speech is not accessable in Windows 2012 r2

https://azure.microsoft.com/en-us/updates/azuretls12/ - here MS says that they are going to switch to tls12, it is okey. Win2012r2 support this version of TLS. Here the list of cipher that win10...

TLS 1.2 cipher suites error, Schannel Event ID 36874 and 36888

I'm seeing the following pair of errors in eventvwr on Windows Server 2008 R2: An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported...