Does Jetty use OpenSSL and is it vulnerable to the Heartbleed bug?
https://stackoverflow.com//questions/23018601
-
21-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian質問
Does the Jetty Servlet container use OpenSSL, and is it vulnerable to the Heartbleed bug? I think it should not be impacted as it is supposed to use its own implementation of SSL but I don't know enough of what's going on under the hood to be sure.
解決
From older Jetty docs:
This is an overview of how to configure SSL for Jetty, which uses Sun's reference implementation for the Java Secure Sockets Extension (JSSE).
I would imagine this still holds, though depending on your use case you may want to wait for a more authoritative answer (or ping Jetty devs directly).
EDIT: bumping this up from the comments below. This question has been answered on the jetty-users list:
http://dev.eclipse.org/mhonarc/lists/jetty-users/msg04624.html
