by jcompagner » Thu Aug 16, 2012 9:47 pm
i explained that in the comment i did in that jira issue.
The tunnel now supports only allowing certain ciphers.
In 6.0 you can add that as a property in the servoy.properties file under they key: SocketFactory.SSLSupportedSuites
In 6.1 we also added this to the network settings area on the admin page
So for this to work you have to enable the tunnel mode http&socket or socket then the socket part will use the specific ciphers that are given as a comma separated string: SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA
The http part (or if you set the tunnel in http mode only) is handled by tomcat (see forum post). So for a http mode only you don't need this, you only configure the tomcat configuration.
only in 6.0.7 and greater.
Johan Compagner
Servoy