Don't use SSL anymore to avoid POODLE attack
For details about poodle see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 Bug 450170 Change-Id: Ib169e88d9d51f4d0e6caa3a498f48edc81e0991d Signed-off-by: Dani Megert <Daniel_Megert@ch.ibm.com> Signed-off-by: Matthias Sohn <matthias.sohn@sap.com>
This commit is contained in:
parent
dcb52291a9
commit
3e131a35e3
|
@ -186,7 +186,7 @@ public void setHostnameVerifier(HostnameVerifier hostnameverifier) {
|
|||
public void configure(KeyManager[] km, TrustManager[] tm,
|
||||
SecureRandom random) throws NoSuchAlgorithmException,
|
||||
KeyManagementException {
|
||||
SSLContext ctx = SSLContext.getInstance("SSL"); //$NON-NLS-1$
|
||||
SSLContext ctx = SSLContext.getInstance("TLS"); //$NON-NLS-1$
|
||||
ctx.init(km, tm, random);
|
||||
((HttpsURLConnection) wrappedUrlConnection).setSSLSocketFactory(ctx
|
||||
.getSocketFactory());
|
||||
|
|
Loading…
Reference in New Issue