Secure against Logjam Vulnerability

In order to mitigate for the Logjam vulnerability, the changes listed below are required. Note this is only applicable if you are accessing Rhythmyx over SSL.

Edit <Rhythmyx>/AppServer/server/rx/deploy/jboss-web.deployer/server.xml.

<Connector port="443" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" keystoreFile="keystorefilepath" keystorePass="keystorepass" xpoweredBy="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" protocol="HTTP/1.1" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA"/>

Leave a comment

*
*