CKB: The internal IP address is revealed in HTTP 1.0

From Cryptshare Documentation


Current version as of 30 December 2022, 15:00

Applies to

All versions of Cryptshare Server

Symptom

When a page is requested from a Cryptshare Server with an HTTP/1.0 request, which carries no Host header, the redirect in the response reveals the internal IP address of the server (type the request line, then an empty line to end the request):

nc my.cryptshare.server 80

GET / HTTP/1.0

HTTP/1.1 302 Found
Date: Fri, 12 Jun 2015 07:43:06 GMT
X-Frame-Options: SAMEORIGIN
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Location: http://10.0.1.1/Start
Content-Length: 0
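As an added check (example code, not part of the Cryptshare documentation), the following Python script sends the same bare HTTP/1.0 request as the nc session above and reports whether the Location header carries an IP literal rather than a host name. The target host name and the two sample responses are constructed for illustration; the leaking one is a copy of the output shown above, the fixed one is what the server is expected to send once the HostHeaderCustomizer is in place.

```python
"""Probe a server for the HTTP/1.0 redirect leak described above.

Added example; it is not part of the Cryptshare documentation.  The
target host name and the sample responses are constructed for
illustration.
"""
import ipaddress
import socket
from typing import Optional
from urllib.parse import urlsplit

# Constructed copy of the response shown on the page (not a live capture).
SAMPLE_LEAKING_RESPONSE = (
    b"HTTP/1.1 302 Found\r\n"
    b"Date: Fri, 12 Jun 2015 07:43:06 GMT\r\n"
    b"X-Frame-Options: SAMEORIGIN\r\n"
    b"Expires: Thu, 01 Jan 1970 00:00:00 GMT\r\n"
    b"Pragma: no-cache\r\n"
    b"Cache-Control: no-cache, no-store\r\n"
    b"Location: http://10.0.1.1/Start\r\n"
    b"Content-Length: 0\r\n"
    b"\r\n"
)

# Constructed response expected once the HostHeaderCustomizer is configured.
SAMPLE_FIXED_RESPONSE = (
    b"HTTP/1.1 302 Found\r\n"
    b"Location: http://my.cryptshare.server/Start\r\n"
    b"Content-Length: 0\r\n"
    b"\r\n"
)


def probe_http10(host: str, port: int = 80, timeout: float = 5.0) -> bytes:
    """Send the same bare HTTP/1.0 request as the nc session (no Host header)
    and return the raw response bytes."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(b"GET / HTTP/1.0\r\n\r\n")
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    return b"".join(chunks)


def location_header(raw_response: bytes) -> Optional[str]:
    """Return the Location header value, or None if the response has none."""
    head = raw_response.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "location":
            return value.strip()
    return None


def leaked_address(raw_response: bytes) -> Optional[str]:
    """Return the IP literal used as host in the redirect, or None when the
    redirect carries a host name (the state after the fix) or is absent."""
    loc = location_header(raw_response)
    host = urlsplit(loc).hostname if loc else None
    if host is None:
        return None
    try:
        ipaddress.ip_address(host)
    except ValueError:
        return None  # a host name, not an address
    return host


def is_internal(addr: str) -> bool:
    """True for RFC 1918, link-local and loopback addresses."""
    ip = ipaddress.ip_address(addr)
    return ip.is_private or ip.is_link_local or ip.is_loopback


if __name__ == "__main__":
    import sys
    # usage: python probe_http10.py my.cryptshare.server [port]
    # without arguments the constructed sample response is analysed instead
    if len(sys.argv) > 1:
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 80
        raw = probe_http10(sys.argv[1], port)
    else:
        raw = SAMPLE_LEAKING_RESPONSE
    addr = leaked_address(raw)
    if addr:
        print(f"LEAK: redirect points at {addr} (internal address: {is_internal(addr)})")
    else:
        print(f"OK: Location is {location_header(raw)!r}")
```

Run it against the plain HTTP port and, with a TLS wrapper of your choice, against the HTTPS port as well, since both connectors are affected. A redirect that carries a host name passes the check; the name that appears is whatever is configured in the HostHeaderCustomizer, so choose the externally visible name there.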

Cause

An HTTP/1.0 request does not have to carry a Host header (HTTP/1.1 made the header mandatory, which is why ordinary browser traffic never shows the problem). When Cryptshare answers the request with a redirect, Jetty turns the relative target (/Start) into an absolute URL using the request's server name; without a Host header there is none, and Jetty falls back to the address of the connector the request arrived on, in the example 10.0.1.1. An HTTP/1.0 request sent over TLS hits the same code path on the HTTPS connector, which is why both HttpConfigurations need the fix.


Solution

Jetty's HostHeaderCustomizer inserts a synthetic Host header carrying a configured server name into every request that arrives without one, so redirects are built from that name instead of from the connector's IP address. For each Jetty configuration file (User Interface and Administration Interface) the customizer must be added to both HttpConfiguration objects (httpConfig for HTTP and tlsHttpConfig for HTTPS).

  1. open the Jetty XML configuration file to be changed
    1. User Interface: 'resources/WEB-INF/ui-config.xml'
    2. Administration Interface: 'resources/WEB-INF/ai-config.xml'
  2. add a 'New' tag for a HostHeaderCustomizer, with the externally visible host name of the server (the name clients use in the URL) as its argument
  3. add a 'Call' tag (addCustomizer) referencing the new customizer in the httpConfig section
  4. add a 'Call' tag (addCustomizer) referencing the new customizer in the tlsHttpConfig section
  5. save the changes
  6. restart the Cryptshare Server
After the restart, repeat the nc request from the Symptom section: the Location header must now carry the configured host name instead of an IP address.
Please edit your config files accordingly (only the parts that change are shown; [...] stands for the unchanged rest of the file):

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "resources/WEB-INF/configure.dtd">
<Configure id="Cryptshare" class="org.eclipse.jetty.server.Server">
    <!-- step 2: one customizer, referenced by id below; use your server's host name -->
    <New class="org.eclipse.jetty.server.HostHeaderCustomizer" id="hostHeaderCustomizer">
        <Arg>YourServerName</Arg>
    </New>
    [...]
    <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
        [...]
        <!-- step 3: plain HTTP configuration -->
        <Call name="addCustomizer">
            <Arg>
                <Ref refid="hostHeaderCustomizer" />
            </Arg>
        </Call>
    </New>
    <New id="tlsHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
        [...]
        <!-- step 4: HTTPS configuration -->
        <Call name="addCustomizer">
            <Arg>
                <Ref refid="hostHeaderCustomizer" />
            </Arg>
        </Call>
    </New>
    [...]
</Configure>
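The steps above are easy to get half right (customizer defined but only referenced in one of the two HttpConfigurations, or the placeholder name left in place). The following Python script is an added example, not part of the Cryptshare documentation, that audits a Jetty XML file for exactly those points: one HostHeaderCustomizer 'New' with a non-placeholder server name, and an addCustomizer 'Call' referencing it in both the httpConfig and the tlsHttpConfig block. The element ids and file paths are those used on this page; the two embedded sample files are constructed, trimmed-down versions of the snippet above.

```python
"""Audit a Cryptshare Jetty XML file for the HostHeaderCustomizer fix.

Added example; it is not part of the Cryptshare documentation.  The
element ids (hostHeaderCustomizer, httpConfig, tlsHttpConfig) follow
the snippet on the page; the sample files are constructed.
"""
import sys
import xml.etree.ElementTree as ET
from typing import List

HOST_HEADER_CUSTOMIZER = "org.eclipse.jetty.server.HostHeaderCustomizer"
HTTP_CONFIGURATION = "org.eclipse.jetty.server.HttpConfiguration"
PLACEHOLDERS = {"YourServerName", "myServerName", ""}

# Constructed minimal file in the shape of the snippet above, with the fix applied.
SAMPLE_FIXED = """<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "resources/WEB-INF/configure.dtd">
<Configure id="Cryptshare" class="org.eclipse.jetty.server.Server">
  <New class="org.eclipse.jetty.server.HostHeaderCustomizer" id="hostHeaderCustomizer">
    <Arg>cryptshare.example.com</Arg>
  </New>
  <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Set name="secureScheme">https</Set>
    <Call name="addCustomizer"><Arg><Ref refid="hostHeaderCustomizer"/></Arg></Call>
  </New>
  <New id="tlsHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Arg><Ref refid="httpConfig"/></Arg>
    <Call name="addCustomizer"><Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg></Call>
    <Call name="addCustomizer"><Arg><Ref refid="hostHeaderCustomizer"/></Arg></Call>
  </New>
</Configure>
"""

# Constructed file without the fix: no customizer at all.
SAMPLE_UNFIXED = """<?xml version="1.0" encoding="UTF-8"?>
<Configure id="Cryptshare" class="org.eclipse.jetty.server.Server">
  <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Set name="secureScheme">https</Set>
  </New>
  <New id="tlsHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
    <Arg><Ref refid="httpConfig"/></Arg>
    <Call name="addCustomizer"><Arg><New class="org.eclipse.jetty.server.SecureRequestCustomizer"/></Arg></Call>
  </New>
</Configure>
"""


def ref_target(ref: ET.Element) -> str:
    """Jetty accepts <Ref refid="x"/> (current) and <Ref id="x"/> (older files)."""
    return ref.get("refid") or ref.get("id") or ""


def audit_jetty_config(xml_text: str) -> List[str]:
    """Return a list of findings; an empty list means the fix is complete."""
    findings: List[str] = []
    root = ET.fromstring(xml_text)

    customizers = [n for n in root.iter("New") if n.get("class") == HOST_HEADER_CUSTOMIZER]
    if not customizers:
        return ["no HostHeaderCustomizer <New> defined"]
    if len(customizers) > 1:
        findings.append("more than one HostHeaderCustomizer defined")
    cust = customizers[0]
    cust_id = cust.get("id") or ""
    if not cust_id:
        findings.append("HostHeaderCustomizer has no id, so no <Ref> can point at it")
    arg = cust.find("Arg")
    name = (arg.text or "").strip() if arg is not None else ""
    if name in PLACEHOLDERS:
        findings.append(f"HostHeaderCustomizer server name is a placeholder: {name!r}")

    http_configs = {n.get("id"): n for n in root.iter("New") if n.get("class") == HTTP_CONFIGURATION}
    for required in ("httpConfig", "tlsHttpConfig"):
        cfg = http_configs.get(required)
        if cfg is None:
            findings.append(f"no HttpConfiguration with id={required!r}")
            continue
        # Direct child <Call name="addCustomizer"> elements and the <Ref> inside each.
        refs = [
            ref_target(ref)
            for call in cfg.findall("Call")
            if call.get("name") == "addCustomizer"
            for ref in call.iter("Ref")
        ]
        if cust_id not in refs:
            findings.append(f"{required}: no addCustomizer <Call> referencing {cust_id!r}")
    return findings


if __name__ == "__main__":
    # usage: python audit_jetty_config.py resources/WEB-INF/ui-config.xml resources/WEB-INF/ai-config.xml
    exit_code = 0
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8") as fh:
            problems = audit_jetty_config(fh.read())
        for problem in problems:
            print(f"{path}: {problem}")
        exit_code |= bool(problems)
    sys.exit(exit_code)
```

Run it over both files before restarting the server; a non-zero exit code means at least one of the steps is still missing. The page asks for the customizer on both configurations, so the check requires a reference in each rather than relying on tlsHttpConfig being constructed from httpConfig.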
Example config files
These are complete example config files. Check that they fit your environment before using them (passwords, cipher suites, ports, names, ...); the keystore passwords shown are example values that must match your own keystore.
Please remember to change YourServerName to the externally visible host name of your server.
ai-config.xml with the HostHeaderCustomizer added

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "resources/WEB-INF/configure.dtd">
<Configure id="Cryptshare" class="org.eclipse.jetty.server.Server">
    <!-- step 2: the customizer that supplies the Host header for HTTP/1.0 requests -->
    <New class="org.eclipse.jetty.server.HostHeaderCustomizer" id="hostHeaderCustomizer">
        <Arg>YourServerName</Arg>
    </New>
    <New id="sslContextFactory" class="com.befinesolutions.cryptshare.server.CSSSLContextFactory">
        <Set name="KeyStorePath">lib/security/keystore</Set>
        <Set name="KeyStorePassword">CA0AZhuFM4NogQh</Set>
        <Set name="KeyManagerPassword">CA0AZhuFM4NogQh</Set>
        <Set name="TrustStorePath">
            <SystemProperty name="java.home" default="."/>/lib/security/cacerts
        </Set>
        <Set name="TrustStorePassword">changeit</Set>
        <Set name="protocol">TLSv1.2</Set>
        <Set name="renegotiationAllowed">false</Set>
        <Set name="includeProtocols">
            <Array type="java.lang.String">
                <Item>TLSv1.2</Item>
            </Array>
        </Set>
        <Set name="excludeProtocols">
            <Array type="java.lang.String">
                <Item>SSLv3</Item>
                <Item>SSLv2Hello</Item>
                <Item>TLSv1</Item>
                <Item>TLSv1.1</Item>
            </Array>
        </Set>
        <Set name="includeCipherSuites">
            <Array type="java.lang.String">
                <Item>TLS_ECDHE.*</Item>
            </Array>
        </Set>
        <Set name="excludeCipherSuites">
            <Array type="java.lang.String">
                <Item>.*NULL.*</Item>
                <Item>.*RC4.*</Item>
                <Item>.*MD5.*</Item>
                <Item>.*DES.*</Item>
                <Item>.*DSS.*</Item>
                <Item>TLS_RSA.*</Item>
                <Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</Item>
                <Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</Item>
                <Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</Item>
                <Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</Item>
            </Array>
        </Set>
    </New>
    <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
        <Set name="secureScheme">https</Set>
        <Set name="securePort">
            <SystemProperty name="cryptshare.ai.https.port" default="8080"/>
        </Set>
        <Set name="outputBufferSize">32768</Set>
        <Set name="requestHeaderSize">8192</Set>
        <Set name="responseHeaderSize">8192</Set>
        <Set name="sendServerVersion">
            <Property name="jetty.send.server.version" default="true"/>
        </Set>
        <!-- step 3: register the customizer for plain HTTP -->
        <Call name="addCustomizer">
            <Arg>
                <Ref refid="hostHeaderCustomizer" />
            </Arg>
        </Call>
    </New>
    <New id="tlsHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
        <Arg>
            <Ref refid="httpConfig"/>
        </Arg>
        <Call name="addCustomizer">
            <Arg>
                <New class="org.eclipse.jetty.server.SecureRequestCustomizer"/>
            </Arg>
        </Call>
        <!-- step 4: register the customizer for HTTPS -->
        <Call name="addCustomizer">
            <Arg>
                <Ref refid="hostHeaderCustomizer" />
            </Arg>
        </Call>
    </New>
    <Call name="addConnector">
        <Arg>
            <New class="org.eclipse.jetty.server.ServerConnector">
                <Arg name="server">
                    <Ref refid="Cryptshare"/>
                </Arg>
                <Arg name="factories">
                    <Array type="org.eclipse.jetty.server.ConnectionFactory">
                        <Item>
                            <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                                <Arg name="config">
                                    <Ref refid="httpConfig"/>
                                </Arg>
                            </New>
                        </Item>
                    </Array>
                </Arg>
                <Set name="host">
                    <Property name="jetty.host"/>
                </Set>
                <Set name="port">
                    <SystemProperty name="cryptshare.ai.http.port" default="9090"/>
                </Set>
                <Set name="idleTimeout">
                    <Property name="http.timeout" default="10000"/>
                </Set>
                <Set name="soLingerTime">
                    <Property name="http.soLingerTime" default="-1"/>
                </Set>
            </New>
        </Arg>
    </Call>
    <Call id="sslConnector" name="addConnector">
        <Arg>
            <New class="org.eclipse.jetty.server.ServerConnector">
                <Arg name="server">
                    <Ref refid="Cryptshare"/>
                </Arg>
                <Arg name="factories">
                    <Array type="org.eclipse.jetty.server.ConnectionFactory">
                        <Item>
                            <New class="org.eclipse.jetty.server.SslConnectionFactory">
                                <Arg name="next">http/1.1</Arg>
                                <Arg name="sslContextFactory">
                                    <Ref refid="sslContextFactory"/>
                                </Arg>
                            </New>
                        </Item>
                        <Item>
                            <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                                <Arg name="config">
                                    <Ref refid="tlsHttpConfig"/>
                                </Arg>
                            </New>
                        </Item>
                    </Array>
                </Arg>
                <Set name="host">
                    <Property name="jetty.host"/>
                </Set>
                <Set name="port">
                    <SystemProperty name="cryptshare.ai.https.port" default="8080"/>
                </Set>
                <Set name="idleTimeout">
                    <Property name="http.timeout" default="10000"/>
                </Set>
                <Set name="soLingerTime">
                    <Property name="http.soLingerTime" default="-1"/>
                </Set>
            </New>
        </Arg>
    </Call>
</Configure>
ui-config.xml with the HostHeaderCustomizer added

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "resources/WEB-INF/configure.dtd">
<Configure id="Cryptshare" class="org.eclipse.jetty.server.Server">
    <!-- step 2: the customizer that supplies the Host header for HTTP/1.0 requests -->
    <New class="org.eclipse.jetty.server.HostHeaderCustomizer" id="hostHeaderCustomizer">
        <Arg>YourServerName</Arg>
    </New>
    <Arg name="threadpool">
        <New class="org.eclipse.jetty.util.thread.QueuedThreadPool">
            <Arg name="minThreads" type="int">5</Arg>
            <Arg name="maxThreads" type="int">25</Arg>
            <Arg name="idleTimeout" type="int">1000</Arg>
            <Arg name="queue">
                <New class="java.util.concurrent.ArrayBlockingQueue">
                    <Arg type="int">200</Arg>
                </New>
            </Arg>
        </New>
    </Arg>
    <New id="sslContextFactory" class="com.befinesolutions.cryptshare.server.CSSSLContextFactory">
        <Set name="KeyStorePath">lib/security/keystore</Set>
        <Set name="KeyStorePassword">CA0AZhuFM4NogQh</Set>
        <Set name="KeyManagerPassword">CA0AZhuFM4NogQh</Set>
        <Set name="TrustStorePath">
            <SystemProperty name="java.home" default="."/>/lib/security/cacerts
        </Set>
        <Set name="TrustStorePassword">changeit</Set>
        <Set name="protocol">TLSv1.2</Set>
        <Set name="renegotiationAllowed">false</Set>
        <Set name="includeProtocols">
            <Array type="java.lang.String">
                <Item>TLSv1.2</Item>
            </Array>
        </Set>
        <Set name="excludeProtocols">
            <Array type="java.lang.String">
                <Item>SSLv3</Item>
                <Item>SSLv2Hello</Item>
                <Item>TLSv1</Item>
                <Item>TLSv1.1</Item>
            </Array>
        </Set>
        <Set name="includeCipherSuites">
            <Array type="java.lang.String">
                <Item>TLS_ECDHE.*</Item>
            </Array>
        </Set>
        <Set name="excludeCipherSuites">
            <Array type="java.lang.String">
                <Item>.*NULL.*</Item>
                <Item>.*RC4.*</Item>
                <Item>.*MD5.*</Item>
                <Item>.*DES.*</Item>
                <Item>.*DSS.*</Item>
                <Item>TLS_RSA.*</Item>
                <Item>TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA</Item>
                <Item>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</Item>
                <Item>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA</Item>
                <Item>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</Item>
            </Array>
        </Set>
    </New>
    <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
        <Set name="secureScheme">https</Set>
        <Set name="securePort">
            <SystemProperty name="cryptshare.ui.https.port" default="443"/>
        </Set>
        <Set name="outputBufferSize">32768</Set>
        <Set name="requestHeaderSize">8192</Set>
        <Set name="responseHeaderSize">8192</Set>
        <Set name="sendServerVersion">
            <Property name="jetty.send.server.version" default="true"/>
        </Set>
        <!-- step 3: register the customizer for plain HTTP -->
        <Call name="addCustomizer">
            <Arg>
                <Ref refid="hostHeaderCustomizer" />
            </Arg>
        </Call>
    </New>
    <New id="tlsHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
        <Arg>
            <Ref refid="httpConfig"/>
        </Arg>
        <Call name="addCustomizer">
            <Arg>
                <New class="org.eclipse.jetty.server.SecureRequestCustomizer"/>
            </Arg>
        </Call>
        <!-- step 4: register the customizer for HTTPS -->
        <Call name="addCustomizer">
            <Arg>
                <Ref refid="hostHeaderCustomizer" />
            </Arg>
        </Call>
    </New>
    <Call name="addConnector">
        <Arg>
            <New class="org.eclipse.jetty.server.ServerConnector">
                <Arg name="server">
                    <Ref refid="Cryptshare"/>
                </Arg>
                <Arg name="factories">
                    <Array type="org.eclipse.jetty.server.ConnectionFactory">
                        <Item>
                            <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                                <Arg name="config">
                                    <Ref refid="httpConfig"/>
                                </Arg>
                            </New>
                        </Item>
                    </Array>
                </Arg>
                <Set name="host">
                    <Property name="jetty.host"/>
                </Set>
                <Set name="port">
                    <SystemProperty name="cryptshare.ui.http.port" default="80"/>
                </Set>
                <Set name="idleTimeout">
                    <Property name="http.timeout" default="15000"/>
                </Set>
                <Set name="soLingerTime">
                    <Property name="http.soLingerTime" default="-1"/>
                </Set>
            </New>
        </Arg>
    </Call>
    <Call id="sslConnector" name="addConnector">
        <Arg>
            <New class="org.eclipse.jetty.server.ServerConnector">
                <Arg name="server">
                    <Ref refid="Cryptshare"/>
                </Arg>
                <Arg name="factories">
                    <Array type="org.eclipse.jetty.server.ConnectionFactory">
                        <Item>
                            <New class="org.eclipse.jetty.server.SslConnectionFactory">
                                <Arg name="next">http/1.1</Arg>
                                <Arg name="sslContextFactory">
                                    <Ref refid="sslContextFactory"/>
                                </Arg>
                            </New>
                        </Item>
                        <Item>
                            <New class="org.eclipse.jetty.server.HttpConnectionFactory">
                                <Arg name="config">
                                    <Ref refid="tlsHttpConfig"/>
                                </Arg>
                            </New>
                        </Item>
                    </Array>
                </Arg>
                <Set name="host">
                    <Property name="jetty.host"/>
                </Set>
                <Set name="port">
                    <SystemProperty name="cryptshare.ui.https.port" default="443"/>
                </Set>
                <Set name="idleTimeout">
                    <Property name="http.timeout" default="15000"/>
                </Set>
                <Set name="soLingerTime">
                    <Property name="http.soLingerTime" default="-1"/>
                </Set>
            </New>
        </Arg>
    </Call>
</Configure>