Securing Stash (using Tomcat) against Poodle Disabling SSLv3
目的
Disabling SSLV3 in Stash instances utilizing a Tomcat container in order to secure against the Poodle Exploit.
How To
- Stop Stash
Edit
<Stash Installation Directory>/conf/server.xml
You'll see:
Please note these are default values, yours may look differentserver.xml<Connector port="8443" maxHttpHeaderSize="8192" SSLEnabled="true" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" useBodyEncodingForURI="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" />
Add the following to the connector:
SSLEnabled="true" sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
Start Stash
最終更新日: 2014 年 10 月 15 日
Powered by Confluence and Scroll Viewport.