<!-- =========================================================== --> <!-- =========================================================== --> <!-- One of each type! --> <!-- =========================================================== --> <
Call name="addConnector">
<
Set name="host"><
Property name="jetty.host" /></
Set>
<
Set name="maxIdleTime">300000</
Set>
<
Set name="Acceptors">2</
Set>
<
Set name="statsOn">false</
Set>
<
Set name="confidentialPort">
<
Call name="addConnector">
<
Set name="wantClientAuth">true</
Set>
<
Set name="needClientAuth">false</
Set>
<
Set name="ExcludeProtocols">
<
Set name="maxIdleTime">30000</
Set>
<
Set name="ExcludeCipherSuites">
<
Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>TLS_KRB5_EXPORT_WITH_RC4_40_MD5</
Item>
<!-- EXP-EDH-RSA-DES-CBC-SHA or EXP-DHE-RSA-DES-CBC-SHA --> <
Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</
Item>
<
Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</
Item>
<
Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</
Item>
<
Item>SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA </
Item>
<
Item>TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA</
Item>
<
Item>SSL_RSA_WITH_DES_CBC_SHA</
Item>
<
Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</
Item>
<
Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</
Item>
<
Item>SSL_DH_anon_WITH_DES_CBC_SHA</
Item>
<
Item>TLS_KRB5_WITH_DES_CBC_SHA</
Item>
EDH-RSA-DES-CBC-SHA or DHE-RSA-DES-CBC-SHA is excluded above <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item> <
Item>SSL_RSA_WITH_RC4_128_MD5</
Item>
<
Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>SSL_DH_anon_WITH_RC4_128_MD5</
Item>
<
Item>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>TLS_KRB5_WITH_RC4_128_MD5</
Item>
<
Item>TLS_KRB5_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>SSL_RSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDH_RSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDH_anon_WITH_RC4_128_SHA</
Item>
<
Item>TLS_KRB5_WITH_RC4_128_SHA</
Item>
<
Item>TLS_KRB5_EXPORT_WITH_RC4_40_SHA</
Item>
ECDHE-RSA-RC4-SHA is excluded above <Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</Item> <
Call name="addConnector">
<
Set name="wantClientAuth">true</
Set>
<
Set name="needClientAuth">true</
Set>
<
Set name="ExcludeProtocols">
<
Set name="maxIdleTime">30000</
Set>
<
Ref id="MutualAuthPort"/>
<
Set name="ExcludeCipherSuites">
<
Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>TLS_KRB5_EXPORT_WITH_RC4_40_MD5</
Item>
<!-- EXP-EDH-RSA-DES-CBC-SHA or EXP-DHE-RSA-DES-CBC-SHA --> <
Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</
Item>
<
Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</
Item>
<
Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</
Item>
<
Item>SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA </
Item>
<
Item>TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA</
Item>
<
Item>SSL_RSA_WITH_DES_CBC_SHA</
Item>
<
Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</
Item>
<
Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</
Item>
<
Item>SSL_DH_anon_WITH_DES_CBC_SHA</
Item>
<
Item>TLS_KRB5_WITH_DES_CBC_SHA</
Item>
EDH-RSA-DES-CBC-SHA or DHE-RSA-DES-CBC-SHA is excluded above <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item> <
Item>SSL_RSA_WITH_RC4_128_MD5</
Item>
<
Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>SSL_DH_anon_WITH_RC4_128_MD5</
Item>
<
Item>SSL_DH_anon_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>TLS_KRB5_WITH_RC4_128_MD5</
Item>
<
Item>TLS_KRB5_EXPORT_WITH_RC4_40_MD5</
Item>
<
Item>SSL_RSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDH_ECDSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDH_RSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDHE_ECDSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</
Item>
<
Item>TLS_ECDH_anon_WITH_RC4_128_SHA</
Item>
<
Item>TLS_KRB5_WITH_RC4_128_SHA</
Item>
<
Item>TLS_KRB5_EXPORT_WITH_RC4_40_SHA</
Item>
ECDHE-RSA-RC4-SHA is excluded above <Item>TLS_ECDHE_RSA_WITH_RC4_128_SHA</Item> <!-- Set the pax-web osgi port values -->