Hi,
As server, I need only authentication without encryption so for deduce the
overhead
I want to allow clients to connect with null ciphers.
Can I have an option to configure it in CXF configuration file?
I've tried to include NULL ciphers in the filter (under TLS server
parameters) like this: <sec:include>.*_WITH_NULL_.*</sec:include>
but I keep getting: javax.net.ssl.SSLHandshakeException: no cipher suites in
common.
I've also tried to to set the ciphersuite element with supported ciphers
that my client connects with:
<sec:cipherSuites>
<sec:cipherSuite>SSL_RSA_WITH_NULL_SHA</sec:cipherSuite>
<sec:cipherSuite>SSL_RSA_WITH_NULL_MD5</sec:cipherSuite>
</sec:cipherSuites>
and I still gets "no cipher suites in common".
I've seen that NULL ciphers aren't enabled by default in some JSSE
providers.
Do I have to to configure something more? maybe in jetty?
Any help will be appreciated!
Thanks,
As server, I need only authentication without encryption so for deduce the
overhead
I want to allow clients to connect with null ciphers.
Can I have an option to configure it in CXF configuration file?
I've tried to include NULL ciphers in the filter (under TLS server
parameters) like this: <sec:include>.*_WITH_NULL_.*</sec:include>
but I keep getting: javax.net.ssl.SSLHandshakeException: no cipher suites in
common.
I've also tried to to set the ciphersuite element with supported ciphers
that my client connects with:
<sec:cipherSuites>
<sec:cipherSuite>SSL_RSA_WITH_NULL_SHA</sec:cipherSuite>
<sec:cipherSuite>SSL_RSA_WITH_NULL_MD5</sec:cipherSuite>
</sec:cipherSuites>
and I still gets "no cipher suites in common".
I've seen that NULL ciphers aren't enabled by default in some JSSE
providers.
Do I have to to configure something more? maybe in jetty?
Any help will be appreciated!
Thanks,