search

ninjaframework / ninja

Ninja is a full stack web framework for Java. Rock solid, fast and super productive.
http://www.ninjaframework.org
Apache License 2.0
1.91k stars 520 forks source link

Way to exclude cipher suites using standalone server #620

Open jonathanpopp opened 6 years ago

jonathanpopp commented 6 years ago

I need a way to Exclude Cipher Suites when using the ninja standalone server?

Particularly TLS1.0 which is considered obsolete and a few others.

jjlauer commented 6 years ago

If you need fine grained control over TLS, you'll either need to submit PRs to add them to the project or use a reverse proxy in front of your app.

We use nginx in front of our Ninja apps for detailed control over TLS (ciphers, stapling, etc.).

-Joe

On Tue, Jun 19, 2018 at 2:03 AM, jonathanpopp notifications@github.com wrote:

I need a way to Exclude Cipher Suites when using the ninja standalone server?

Particularly TLS1.0 which is considered obsolete and a few others.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/ninjaframework/ninja/issues/620, or mute the thread https://github.com/notifications/unsubscribe-auth/AAjwArB1_YuagEMmqrq-kXBzDfe8C5Qkks5t-JROgaJpZM4Us5Hr .