Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

SSL Cipher Suites

SSL encryption ciphers are classified based on encryption key length as follows:

  • HIGH - key length larger than 128 bits
  • MEDIUM - key length equal to 128 bits
  • LOW - key length smaller than 128 bits

To avoid weak encyption vulnerability, it is advised that MEDIUM to HIGH encryption ciphers are used instead of LOW ciphers. In line with this, you can disable a list of cipher suites in jetty.xml like so:

Code Block
<Call name="addConnector">
      <New class="">
        <Set name="Port">8443</Set>
        <Set name="maxIdleTime">30000</Set>
        <Set name="keystore"><SystemProperty name="jetty.home" default="." />/etc/keystore</Set>
        <Set name="password">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</Set>
        <Set name="keyPassword">OBF:1u2u1wml1z7s1z7a1wnl1u2g</Set>
        <Set name="truststore"><SystemProperty name="jetty.home" default="." />/etc/keystore</Set>
        <Set name="trustPassword">OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4</Set>
      <!--you can disable cipher suites in the following section. Only supported cipher suites should be listed in this section. -->
        <Set name="ExcludeCipherSuites">
          <Array type="java.lang.String">

For more information, see also

Contact the core Jetty developers at
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery