From 628fb9b9326db040ce04d47315bd4333040e760d Mon Sep 17 00:00:00 2001 From: markt Date: Mon, 11 Aug 2008 20:57:16 +0000 Subject: [PATCH] Correct SSL docs as to the list of ciphers used by default. Add note about export grade ciphers. Add note (already in TC4) about cipher naming. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@684922 13f79535-47bb-0310-9956-ffa450edef68 --- webapps/docs/config/http.xml | 7 +++++-- webapps/docs/ssl-howto.xml | 5 ++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/webapps/docs/config/http.xml b/webapps/docs/config/http.xml index 4a488b05d..39ed42426 100644 --- a/webapps/docs/config/http.xml +++ b/webapps/docs/config/http.xml @@ -685,8 +685,11 @@ -

A comma seperated list of the encryption ciphers that may be used. - If not specified, then any available cipher may be used.

+

The comma separated list of encryption ciphers that this socket is + allowed to use. By default, the default ciphers for the JVM will be used. + Note that this usually means that the weak export grade ciphers will be + included in the list of available ciphers. The ciphers are specified using + the JSSE cipher naming convention.

 diff --git a/webapps/docs/ssl-howto.xml b/webapps/docs/ssl-howto.xml index e3e551a80..8bc0b33e0 100644 --- a/webapps/docs/ssl-howto.xml +++ b/webapps/docs/ssl-howto.xml @@ -465,7 +465,10 @@ values, depending on how you configured your keystore earlier:

ciphers The comma separated list of encryption ciphers that this socket is - allowed to use. By default, any available cipher is allowed. + allowed to use. By default, the default ciphers for the JVM will be + used. Note that this usually means that the weak export grade ciphers + will be included in the list of available ciphers. The ciphers are + specified using the JSSE cipher naming convention. algorithm -- 2.11.0