fix: exclude tls_rsa ciphers (#1737)

achmelo · web-flow · commit df013bf5d962 · 2021-08-27T16:18:46.000+02:00
* exclude tls_rsa ciphers

Signed-off-by: achmelo &lt;a.chmelo@gmail.com&gt;

* remove exclude ciphers

Signed-off-by: achmelo &lt;a.chmelo@gmail.com&gt;

* revert

Signed-off-by: achmelo &lt;a.chmelo@gmail.com&gt;
diff --git a/apiml-common/src/main/java/org/zowe/apiml/product/web/HttpConfig.java b/apiml-common/src/main/java/org/zowe/apiml/product/web/HttpConfig.java
@@ -181,7 +181,7 @@ private void setTruststore(SslContextFactory sslContextFactory) {
     public SslContextFactory.Client jettyClientSslContextFactory() {
         SslContextFactory.Client sslContextFactory = new SslContextFactory.Client();
         sslContextFactory.setProtocol(protocol);
-        sslContextFactory.setExcludeCipherSuites("^.*_(MD5|SHA|SHA1)$");
+        sslContextFactory.setExcludeCipherSuites("^.*_(MD5|SHA|SHA1)$", "^TLS_RSA_.*$");
         setTruststore(sslContextFactory);
         log.debug("jettySslContextFactory: {}", sslContextFactory.dump());
         sslContextFactory.setHostnameVerifier(secureHostnameVerifier());
