diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java index 42f109c7d4d..5025b2da2c4 100644 --- a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java +++ b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java @@ -250,10 +250,14 @@ public class SslContextFactory extends AbstractLifeCycle setTrustAll(trustAll); addExcludeProtocols("SSL", "SSLv2", "SSLv2Hello", "SSLv3"); setExcludeCipherSuites( - "^.*_RSA_.*_(MD5|SHA|SHA1)$", + "SSL_RSA_WITH_DES_CBC_SHA", + "SSL_DHE_RSA_WITH_DES_CBC_SHA", "SSL_DHE_DSS_WITH_DES_CBC_SHA", + "SSL_RSA_EXPORT_WITH_RC4_40_MD5", + "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", + "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"); - } +} /** * Construct an instance of SslContextFactory diff --git a/jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java b/jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java index a5e65c02513..0ca664436f0 100644 --- a/jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java +++ b/jetty-util/src/test/java/org/eclipse/jetty/util/ssl/SslContextFactoryTest.java @@ -29,7 +29,6 @@ import static org.junit.Assert.assertTrue; import java.io.IOException; import java.io.InputStream; import java.security.KeyStore; -import java.util.Arrays; import javax.net.ssl.SSLEngine; @@ -57,20 +56,6 @@ public class SslContextFactoryTest cf = new SslContextFactory(); } - @Test - public void testSLOTH() throws Exception - { - cf.setKeyStorePassword("storepwd"); - cf.setKeyManagerPassword("keypwd"); - - cf.start(); - - System.err.println(Arrays.asList(cf.getSelectedProtocols())); - for (String cipher : cf.getSelectedCipherSuites()) - System.err.println(cipher); - - } - @Test public void testNoTsFileKs() throws Exception {