diff --git a/dropwizard-jetty/src/main/java/io/dropwizard/jetty/HttpsConnectorFactory.java b/dropwizard-jetty/src/main/java/io/dropwizard/jetty/HttpsConnectorFactory.java index 1aa01291e97..7c18ca7fe84 100644 --- a/dropwizard-jetty/src/main/java/io/dropwizard/jetty/HttpsConnectorFactory.java +++ b/dropwizard-jetty/src/main/java/io/dropwizard/jetty/HttpsConnectorFactory.java @@ -182,7 +182,7 @@ * * * {@code excludedProtocols} - * ["SSLv3", "TLSv1", "TLSv1.1"] + * ["SSL.*", "TLSv1", "TLSv1\.1"] * * A list of protocols (e.g., {@code SSLv3}, {@code TLSv1}) which are excluded. These * protocols will be refused. @@ -193,7 +193,7 @@ * JVM default * * A list of cipher suites (e.g., {@code TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256}) which - * are supported. All other cipher suites will be refused. + * are supported. All other cipher suites will be refused * * * @@ -287,7 +287,7 @@ public class HttpsConnectorFactory extends HttpConnectorFactory { private List supportedProtocols; @Nullable - private List excludedProtocols = Arrays.asList("SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1"); + private List excludedProtocols = Arrays.asList("SSL.*", "TLSv1", "TLSv1\\.1"); @Nullable private List supportedCipherSuites; @@ -762,12 +762,12 @@ protected SslContextFactory configureSslContextFactory(SslContextFactory factory factory.setKeyManagerPassword(keyManagerPassword); } - if (needClientAuth != null && factory instanceof SslContextFactory.Server) { - ((SslContextFactory.Server) factory).setNeedClientAuth(needClientAuth); + if (needClientAuth != null) { + factory.setNeedClientAuth(needClientAuth); } - if (wantClientAuth != null && factory instanceof SslContextFactory.Server) { - ((SslContextFactory.Server) factory).setWantClientAuth(wantClientAuth); + if (wantClientAuth != null) { + factory.setWantClientAuth(wantClientAuth); } if (certAlias != null) {