On WebView install v10.1 will I need to add the following lines to the “webview-jetty-config.xml” file?
<!-- This is for LogJam Vulnerability and also for BAE Systems
for C&A efforts to address SSL Cipher Vulnerabilities
-->
<Set name="cipherSuites">
<Array type="java.lang.String">
<Item>TLS_RSA_WITH_AES_128_CBC_SHA</Item>
<Item>TLS_RSA_WITH_AES_128_CBC_SHA256</Item>
<Item>TLS_EMPTY_RENEGOTIATION_INFO_SCSV</Item>
</Array>
</Set>
Because it already has the following entries…
<!-- List of accepted protocols. You can add or remove any individual protocols (under <Item>) but do not comment out the whole set as EM start up will fail -->
<!-- SSLv2Hello can be added for compatibility purpose when using SUN/Oracle JVM-->
<!-- SSLv2Hello is not an accepted protocol for IBM JVM. Use SSL instead of SSLv2Hello if using IBM JVM -->
<!-- IBM JVM also provides the following protocols which can be added below: SSL_TLSv2, SSL_TLS, SSL -->
<Set name="protocols">
<Array type="java.lang.String">
<Item>TLSv1.2</Item>
<Item>TLSv1.1</Item>
<Item>TLSv1</Item>
</Array>
</Set>
KulbirNijjer Hiko_Davis Guenter_Grossberger Keith.W Viruvaibhav_apm nkarthik Fred.K whibr08 Richard_Little