Details
-
Enhancement
-
Resolution: Done
-
Major
-
10.0.0.Final
-
None
Description
Add ability to specify allowed version of TLS/SSL protocol used by secured socket to iiop-openjdk subsystem. We need such configuration to be able to make sure that there is a possibility to turn off specific versions of protocol used (f.e. SSLv3 protocol to avoid POODLE attack). In most virtual machines (oracle and openjdk included) this change has been done already inside JVM configuration. Nevertheless adding such parameter to the subsystem will make it possible to configure this parameter independently of JVM making it secure no matter what JVM implementation is used.