diff --git a/README.md b/README.md index 6d3fdd61..8b99de50 100644 --- a/README.md +++ b/README.md @@ -523,7 +523,10 @@ SSLFactory sslFactory = SSLFactory.builder() sslFactory.getSslParameters().setCipherSuites(new String[]{"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"}) ``` -Please note that this might not work for all http clients and servers. It works for out of the box with Jetty, but for Netty it needs some additional configuration see the code snippet below. It basically depends on how the http client or server uses the ciphers or other ssl properties during the ssl handshake. +Please note that this might not work for all http clients and servers. It works out of the box with Jetty, but for Netty it needs some additional configuration see the code snippet below. It basically depends on how the http client or server uses the ciphers or other ssl properties during the ssl handshake. +Please be aware that this option has some limitations/drawbacks. It might cause other options of a server not to work, so it is advised to test this option in dept. If it breaks your server configuration such as ALPN I would not recommend to use reloadable ssl parameters. Updating your server properties and running a rolling update/restarting your server would be a better option. + +The option below might be needed for some servers/clients to reload ssl parameters, for example Netty Server. ```text SSLFactory sslFactory = ... // your initialized SSLFactory similar to the above one with SwappableSslParameters Provider provider = ProviderUtils.create(sslFactory);