CKB:Reenabling deprecated Cipher Suites

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche


Applies to:

All Cryptshare Server versions

Situation:

The Cryptshare Web Server has been pre-configured not to use any protocols or cipher suites known to be insecure. However, this can prevent older browsers from successfully establishing an SSL connection with the Cryptshare server.

Solution:

Cipher Suite usage can be configured by editing the file "resources\WEB-INF\ui-config.xml" located in the Cryptshare Server installation directory. The Cipher Suites required for TLS 1.0 and 1.1 must be added to the "includeCipherSuites" section and removed from the "excludeCipherSuites" section. <Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</Item> <Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</Item> For futher information, please see the following article: Web Server Configuration