Expand my Community achievements bar.

AEM: running with SSLv3 disabled to address POODLE or CVE-2014-3566 SSL exploit

Avatar

Level 2
Level 2
10/15/15 7:27:41 PM

Hi,

Does anyone know how to configure AEM, when listening on a HTTPS port, to NOT offer SSLv3 as one of the protocols?  I am referring to the CQ java application itself, not Apache/Dispatcher.

Reason being, there is a new security issue with client browsers using an SSLv3 https session, so I'd like to address the issue in CQ itself as well.

Thanks!

Michael C.

Views

790

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
1 Reply

Avatar

Level 10
Level 10
9/24/16 10:26:57 PM

Configure in felix console jetty service below properties.

org.apache.felix.http.cqse.disabled_cipher_suites
org.apache.felix.http.cqse.enabled_cipher_suites
org.apache.felix.https.cqse.protocols.included

Views

693

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
AEM - Campaign Standard integration: email urls point to author

Views

74

Likes

0

Replies

0
Requesting Feedback from Dynamic Media Users: Adobe AEM Dynamic Media Survey

Views

160

Likes

0

Replies

0
[AEM access configuration] Manage permissions at program level Cloud Manager

Views

160

Likes

0

Replies

3
Setting up SSL in AEM to Enable HTTPS

Views

102

Likes

2

Replies

0
URL rewriting in AEM cloud using etc/maps and resource resolver mappings

Views

897

Likes

0

Replies

14