Type |
Task
|
Priority |
Normal
|
Assignee | |
RedmineID |
3337
|
Version |
tigase-server-7.1.0
|
Spent time |
3h
|
Issue Votes (0)
Watchers (0)
Type |
Task
|
Priority |
Normal
|
Assignee | |
RedmineID |
3337
|
Version |
tigase-server-7.1.0
|
Spent time |
3h
|
We should disable
tls-jdk-nss-bug-workaround-active
mode by default as when it is enabled it limits number of encryption ciphers used for securing encrypted connection which makes connections to server less secure. Due to this fact, some web browsers do not connect to Tigase XMPP Server using HTTPS/WSS as allowed ciphers are not accepted by current web browsers (due to security issues).Additionally this mode was to allow XMPP clients using old OpenSSL versions to connect to Tigase XMPP Server. Now after some time I think that most clients use newer versions so this may be disabled by default.