Java http clients and POODLE

闹比i 2020-12-05 11:31

Regarding the POODLE vulnerability, if I understand it correctly, it requires a client that automatically downgrades TLS protocol to SSLv3 when failing to establish a secure

4 Answers
  •  遥遥无期
    2020-12-05 12:03

    You MUST disable SSL v3.0 on Java clients if you use https.

    This can be done by adding this property on Java 6/7:

    -Dhttps.protocols="TLSv1"

    And for Java 8:

    -Dhttps.protocols="TLSv1,TLSv1.1,TLSv1.2"

    -Djdk.tls.client.protocols="TLSv1,TLSv1.1,TLSv1.2"

    Source: http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html
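
The `https.protocols` property above applies to `HttpsURLConnection`; a client that builds its own sockets can drop SSLv3 in code and confirm the result. The following is an added example, not part of the answer or of Oracle's guidance; the class name `Sslv3Check` and the helper `withoutSslv3` are hypothetical, and it assumes Java 7 or later.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class Sslv3Check {
    // JSSE protocol names removed from the client offer (hypothetical constant).
    private static final List<String> BLOCKED = Arrays.asList("SSLv3", "SSLv2Hello");

    /** Returns the given protocol list without the blocked entries. */
    static String[] withoutSslv3(String[] protocols) {
        List<String> kept = new ArrayList<>();
        for (String p : protocols) {
            if (!BLOCKED.contains(p)) {
                kept.add(p);
            }
        }
        // Fail closed instead of silently leaving the socket with nothing usable.
        if (kept.isEmpty()) {
            throw new IllegalStateException("no TLS protocol left enabled");
        }
        return kept.toArray(new String[0]);
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        // Protocols this JVM enables by default for the default context.
        String[] defaults = ctx.getDefaultSSLParameters().getProtocols();
        System.out.println("default protocols:  " + Arrays.toString(defaults));
        System.out.println("https.protocols:    " + System.getProperty("https.protocols"));

        // Unconnected socket: no network traffic, used only to set and inspect protocols.
        SSLSocketFactory factory = ctx.getSocketFactory();
        try (SSLSocket socket = (SSLSocket) factory.createSocket()) {
            socket.setEnabledProtocols(withoutSslv3(socket.getEnabledProtocols()));
            String[] enabled = socket.getEnabledProtocols();
            System.out.println("enabled on socket:  " + Arrays.toString(enabled));
            if (Arrays.asList(enabled).contains("SSLv3")) {
                throw new IllegalStateException("SSLv3 is still enabled");
            }
        }
    }
}
```

Running it with and without the `-D` flags from the answer shows which protocol list the JVM actually ends up with.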
