How to disable SSLv3 on port8090?

If you’re running a service on port 8090 (commonly used by Jetty, Jenkins, or custom applications), disabling SSLv3 is essential to prevent vulnerabilities like POODLE.

Here’s how to do it depending on your stack:

Apache Tomcat (running on port 8090)

  1. Open the server.xml configuration file located in conf/ directory.

  2. Find the <Connector> tag configured for port 8090.

  3. Modify it to explicitly disable SSLv3:

    <Connector port="8090"
               protocol="org.apache.coyote.http11.Http11NioProtocol"
               SSLEnabled="true"
               maxThreads="200"
               scheme="https"
               secure="true"
               clientAuth="false"
               sslProtocol="TLS"
               sslEnabledProtocols="TLSv1.2,TLSv1.3"
               keystoreFile="conf/keystore.jks"
               keystorePass="yourpassword" />
    

Make sure sslEnabledProtocols does not include SSLv3.

Restart Tomcat:

systemctl restart tomcat

Nginx Reverse Proxy (forwarding to port 8090)

If you’re using Nginx as a reverse proxy for an app on port 8090:

server {
    listen 443 ssl;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass http://localhost:8090;
    }
}

Reload Nginx:

nginx -s reload

Jenkins (Default on 8080/8090)

For Jenkins with HTTPS enabled via Java keystore:

Edit the jenkins.xml or your service configuration where Jenkins is started with --httpsPort=8090.

Add the following to your startup parameters:

-Dhttps.protocols=TLSv1.2,TLSv1.3

Avoid SSLv3 anywhere in your config or JVM options.

Restart Jenkins:

systemctl restart jenkins

Java-Based Applications on Port 8090

If you’re running a custom Java server:

Ensure your JVM is launched with:

-Dhttps.protocols=TLSv1.2,TLSv1.3

If you’re using SSLContext manually:

SSLContext ctx = SSLContext.getInstance("TLSv1.2");
ctx.init(...);
SSLServerSocketFactory factory = ctx.getServerSocketFactory();

Avoid using SSLv3 in any part of your code or configuration.

Share:

More Posts

Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments