From 8788cb8db74d7e00c233a669ad6f50e1561f0020 Mon Sep 17 00:00:00 2001 From: IsmathBadsha Date: Thu, 7 May 2026 19:49:15 +0530 Subject: [PATCH] review_comments --- posts/2026-05-05-26.0.0.5-beta.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/posts/2026-05-05-26.0.0.5-beta.adoc b/posts/2026-05-05-26.0.0.5-beta.adoc index 5912964ff..0fc9f68aa 100644 --- a/posts/2026-05-05-26.0.0.5-beta.adoc +++ b/posts/2026-05-05-26.0.0.5-beta.adoc @@ -18,7 +18,7 @@ Navaneeth S Nair :url-about: / //Blank line here is necessary before starting the body of the post. -This beta release updates the `mcpServer-1.0` feature and simplifies SSL cipher configuration by the effective JDK cipher list by default and flexible `enabledCiphers` syntax. +This beta release updates the `mcpServer-1.0` feature and simplifies SSL cipher configuration by using the effective JDK cipher list by default and flexible `enabledCiphers` syntax. // // // // // // // // // Change the RELEASE_SUMMARY to an introductory paragraph. This sentence is really @@ -159,7 +159,7 @@ This change modifies the existing attribute `enabledCiphers` in the `ssl` config Liberty's `securityLevel` based cipher categories no longer provide meaningful value. The `MEDIUM` and `LOW` categories contain no remaining ciphers. -The `enabledCiphers` attribute includes a new syntax option to add '+' or remove '–' specific ciphers from the effective JDK cipher list without redefining everything. A static list and +/- syntax in the same `enabledCiphers` entry is not allowed. If the value set in `enabledCiphers` contains a static entry and a +/- entry, an error is logged, and the server ignores the `enabledCiphers` value by returning the effective JDK cipher list. +The `enabledCiphers` attribute now has two mutually exclusive modes: (1) Specify a custom list of ciphers separated by spaces, or (2) Specify filter criteria to add (+) or remove (-) cipher suites from the effective JDK cipher suites. If the value set in `enabledCiphers` contains a static entry and a +/- entry, an error is logged, and the server ignores the `enabledCiphers` value by returning the effective JDK cipher list. *Existing Usage - A user sets `securityLevel` as `HIGH`*