Commit 54ad767b authored by Mickaël Guessant's avatar Mickaël Guessant

Improve TLS settings: disable Client-initiated TLS renegotiation with...

Improve TLS settings: disable Client-initiated TLS renegotiation with jdk.tls.rejectClientInitiatedRenegotiation and force strong ephemeral Diffie-Hellman parameter with jdk.tls.ephemeralDHKeySize


git-svn-id: https://svn.code.sf.net/p/davmail/code/trunk@2460 3d1905a2-6b24-0410-a738-b14d5a86fcbd
parent 867bb083
......@@ -70,6 +70,11 @@ public final class DavGatewayHttpClientFacade {
private static IdleConnectionTimeoutThread httpConnectionManagerThread;
static {
// disable Client-initiated TLS renegotiation
System.setProperty("jdk.tls.rejectClientInitiatedRenegotiation", "true");
// force strong ephemeral Diffie-Hellman parameter
System.setProperty("jdk.tls.ephemeralDHKeySize", "2048");
DavGatewayHttpClientFacade.start();
// register custom cookie policy
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment