in the light of the latest developments about the security of SSL encryption it would be time to remove the insecure cipher algorithms SSLv2Hello and SSLv3 from the list of valid cipher suites. Madsonic provides them as in the log file statet :
Code: Select all
oejus.SslContextFactory:Enabled Protocols [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2] of [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]