update beta and GA blogs

navaneethsnair1 · navaneethsnair1 · commit f3a344435285 · 2026-05-19T23:13:04.000+05:30
diff --git a/blog_tags.json b/blog_tags.json
@@ -2,7 +2,8 @@
     "blog_tags": [
         {
             "name": "announcements",
-            "posts": ["26.0.0.5-beta", "26.0.0.4", "26.0.0.4-beta", 
+            "posts": ["26.0.0.5", "26.0.0.5-beta", 
+                      "26.0.0.4", "26.0.0.4-beta", 
                       "26.0.0.3", "26.0.0.3-beta", 
                       "26.0.0.2", "26.0.0.2-beta", 
                       "26.0.0.1", "26.0.0.1-beta", 
@@ -199,7 +200,8 @@
         },
         {
             "name": "release",
-            "posts": ["26.0.0.5-beta", "26.0.0.4", "26.0.0.4-beta", 
+            "posts": ["26.0.0.5", "26.0.0.5-beta", 
+                      "26.0.0.4", "26.0.0.4-beta", 
                       "26.0.0.3", "26.0.0.3-beta", 
                       "26.0.0.2", "26.0.0.2-beta", 
                       "26.0.0.1", "26.0.0.1-beta", 
@@ -336,7 +338,7 @@
         },
         {
             "name": "security",
-            "posts": ["26.0.0.5-beta", "26.0.0.4", 
+            "posts": ["26.0.0.5", "26.0.0.5-beta", "26.0.0.4", 
                       "26.0.0.4-beta", "26.0.0.3", 
                       "25.0.0.12", "25.0.0.12-beta", 
                       "25.0.0.9", "25.0.0.9-beta", 
@@ -374,7 +376,7 @@
         },
         {
             "name": "spring",
-            "posts": ["25.0.0.12-beta", "24.0.0.6", "spring-boot-3",
+            "posts": ["26.0.0.5", "25.0.0.12-beta", "24.0.0.6", "spring-boot-3",
                       "23.0.0.12", "23.0.0.10-beta",
                       "23.0.0.9", "23.0.0.9-beta",
                       "23.0.0.8-beta", "running-spring-boot-3",
@@ -433,7 +435,7 @@
         },
         {
             "name": "jakarta-ee",
-            "posts": ["26.0.0.4-beta", "26.0.0.3", "25.0.0.12-beta", 
+            "posts": ["26.0.0.5", "26.0.0.4-beta", "26.0.0.3", "25.0.0.12-beta", 
                       "24.0.0.12-beta", "rethinking-microservices",
                       "24.0.0.8", "liberty-developer-essentials-badge",
                       "24.0.0.8-beta", "24.0.0.7-beta",
diff --git a/posts/2026-05-05-26.0.0.5-beta.adoc b/posts/2026-05-05-26.0.0.5-beta.adoc
@@ -1,24 +1,24 @@
 ---
 layout: post
-title: "Updates to MCP Server and TLS/SSL Cipher Support in 26.0.0.5 Beta"
+title: "Updates to MCP Server and TLS/SSL Cipher Support in 26.0.0.5-beta"
 # Do NOT change the categories section
 categories: blog
 author_picture: https://avatars3.githubusercontent.com/navaneethsnair1
 author_github: https://github.com/navaneethsnair1
-seo-title: "Updates to MCP Server and TLS/SSL Cipher Support in 26.0.0.5 Beta- OpenLiberty.io"
-seo-description: This beta release updates the `mcpServer-1.0` feature and simplifies SSL cipher configuration by using the effective JDK cipher list by default and flexible `enabledCiphers` syntax.
-blog_description: This beta release updates the `mcpServer-1.0` feature and simplifies SSL cipher configuration by using the effective JDK cipher list by default and flexible `enabledCiphers` syntax.
+seo-title: "Updates to MCP Server and TLS/SSL Cipher Support in 26.0.0.5-beta - OpenLiberty.io"
+seo-description: This beta release updates the mcpServer-1.0 feature and simplifies SSL cipher configuration by using the effective JDK cipher list by default and flexible enabledCiphers syntax.
+blog_description: This beta release updates the mcpServer-1.0 feature and simplifies SSL cipher configuration by using the effective JDK cipher list by default and flexible enabledCiphers syntax.
 open-graph-image: https://openliberty.io/img/twitter_card.jpg
 open-graph-image-alt: Open Liberty Logo
 ---
-= Updates to MCP Server and TLS/SSL Cipher Support in 26.0.0.5 Beta
+= Updates to MCP Server and TLS/SSL Cipher Support in 26.0.0.5-beta
 Navaneeth S Nair <https://github.com/navaneethsnair1>
 :imagesdir: /
 :url-prefix:
 :url-about: /
 //Blank line here is necessary before starting the body of the post.
 
-This beta release updates the `mcpServer-1.0` feature and simplifies SSL cipher configuration by using the effective JDK cipher list by default and flexible `enabledCiphers` syntax.
+This beta release updates the mcpServer-1.0 feature and simplifies SSL cipher configuration by using the effective JDK cipher list by default and flexible enabledCiphers syntax.
 
 // // // // // // // //
 // Change the RELEASE_SUMMARY to an introductory paragraph. This sentence is really
@@ -55,7 +55,7 @@ The link:https://modelcontextprotocol.io/docs/getting-started/intro[Model Contex
 This beta release of Liberty includes important updates to the `mcpServer-1.0` feature, including configurable endpoint paths and notable bug fixes.
 
 === Prerequisites
-To use the `mcpServer-1.0` feature, it is required to have `Java 17` or later installed on your system.
+To use the `mcpServer-1.0` feature, it is required to have Java 17 or later installed on your system.
 
 === Configure custom MCP endpoint paths 
 Previously, the MCP endpoint was hard-coded to `/mcp` under the web application context root. You can now configure custom endpoint paths to better suit your application architecture and naming conventions.
@@ -78,8 +78,6 @@ For a single application, configure the endpoint path directly in the `<mcpServe
   	<mcpServer path="/custom-mcp"/>
   </application>
 
-  <include location="../fatTestPorts.xml" />
-
 </server>
 ----
 
@@ -153,36 +151,34 @@ This has been fixed to ensure proper isolation of encoder beans per application,
 [#ssl]
 == Update to TLS/SSL Cipher support
 
-Liberty uses the effective JDK cipher list from the JDK. The `securityLevel` attribute in the SSL configuration is not used anymore. In addition, the `enabledCiphers` attribute in the SSL config is updated to customize the SSL ciphers in a more flexible way.
-
-This change modifies the existing attribute `enabledCiphers` in the `ssl` config.
+Liberty now uses the effective cipher list from the JDK for SSL configuration. The `securityLevel` attribute in the SSL configuration is not used anymore. In addition, the `enabledCiphers` attribute in the SSL config is updated to customize the SSL ciphers in a more flexible way.
 
 Liberty's `securityLevel` based cipher categories no longer provide meaningful value. The `MEDIUM` and `LOW` categories contain no remaining ciphers.
 
 The `enabledCiphers` attribute now has two mutually exclusive modes: (1) Specify a custom list of ciphers separated by spaces, or (2) Specify filter criteria to add (+) or remove (-) cipher suites from the effective JDK cipher list. If the value set in `enabledCiphers` contains a static entry and a +/- entry, an error is logged, and the server ignores the `enabledCiphers` value by returning the effective JDK cipher list.
 
-*Existing Usage - A user sets `securityLevel` as `HIGH`*
+*Existing Usage:* A user sets `securityLevel` as `HIGH`
 
 [source,xml]
 ----
 <ssl id="defaultSSL" securityLevel=HIGH/>
 ----
 
-*Example with new syntax - `securityLevel` is not required and is ignored if provided*
+The `securityLevel` attribute is now ignored, so the previous `<ssl>` configuration is treated equivalently to the configuration shown here where there is no `securityLevel` attribute configured.
 
 [source,xml]
 ----
 <ssl id="defaultSSL"/>
 ----
 
-*Existing Usage - A user specifies all ciphers from the effective jdk list excluding all TLS_RSA ciphers except for one (TLS_RSA_WITH_AES_128_GCM_SHA256)*
+*Existing Usage:* A user specifies all ciphers from the effective JDK list, excluding all TLS_RSA ciphers except for one (TLS_RSA_WITH_AES_128_GCM_SHA256)
 
 [source,xml]
 ----
 <ssl id="defaultSSL" securityLevel="CUSTOM" enabledCiphers="TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256">
 ----
 
-*Example with new syntax - Use wildcards to achieve the same logic*
+*Example with new syntax:* Use wildcards to achieve the same logic
 [source,xml]
 ----
 <ssl id="defaultSSL" enabledCiphers="-TLS_RSA* +TLS_RSA_WITH_AES_128_GCM_SHA256"/>
diff --git a/posts/2026-05-19-26.0.0.5.adoc b/posts/2026-05-19-26.0.0.5.adoc
@@ -1,17 +1,17 @@
 ---
 layout: post
-title: "Jakarta EE 11, SpringBoot 4.0, and more in 26.0.0.5"
+title: "Jakarta EE 11, Spring Boot 4.0, and more in 26.0.0.5"
 # Do NOT change the categories section
 categories: blog
 author_picture: https://avatars3.githubusercontent.com/navaneethsnair1
 author_github: https://github.com/navaneethsnair1
-seo-title: Jakarta EE 11, SpringBoot 4.0, and more in 26.0.0.5- OpenLiberty.io
-seo-description: This release adds support for Jakarta EE 11 and SpringBoot 4.0, including MicroProfile 7 compatibility with Jakarta EE 11 and support for deploying SpringBoot 4.x applications in both JAR and WAR formats.
-blog_description: This release adds support for Jakarta EE 11 and SpringBoot 4.0, including MicroProfile 7 compatibility with Jakarta EE 11 and support for deploying SpringBoot 4.x applications in both JAR and WAR formats.
+seo-title: Jakarta EE 11, Spring Boot 4.0, and more in 26.0.0.5- OpenLiberty.io
+seo-description: This release introduces official support for Jakarta EE 11, Spring Boot 4.0 applications, and updated TLS/SSL cipher handling in Open Liberty, including enhanced Spring Boot deployment support and simplified SSL cipher configuration.
+blog_description: This release introduces official support for Jakarta EE 11, Spring Boot 4.0 applications, and updated TLS/SSL cipher handling in Open Liberty, including enhanced Spring Boot deployment support and simplified SSL cipher configuration.
 open-graph-image: https://openliberty.io/img/twitter_card.jpg
 open-graph-image-alt: Open Liberty Logo
 ---
-= Jakarta EE 11, SpringBoot 4.0, and more in 26.0.0.5
+= Jakarta EE 11, Spring Boot 4.0, and more in 26.0.0.5
 Navaneeth S Nair <https://github.com/navaneethsnair1>
 :imagesdir: /
 :url-prefix:
@@ -49,7 +49,7 @@ Navaneeth S Nair <https://github.com/navaneethsnair1>
 // change the "IMAGE CAPTION" to a couple words of what the image is
 // // // // // // // //
 
-This release adds support for Jakarta EE 11 and SpringBoot 4.0, including MicroProfile 7 compatibility with Jakarta EE 11 and support for deploying SpringBoot 4.x applications in both JAR and WAR formats.
+This release introduces official support for Jakarta EE 11, Spring Boot 4.0 applications, and updated TLS/SSL cipher handling in Open Liberty, including enhanced Spring Boot deployment support and simplified SSL cipher configuration.
 
 // // // // // // // //
 // In the preceding section:
@@ -67,7 +67,8 @@ This release adds support for Jakarta EE 11 and SpringBoot 4.0, including MicroP
 In link:{url-about}[Open Liberty] 26.0.0.5:
 
 * <<jakarta_ee, Jakarta EE 11 Core Profile, Web Profile, and Platform>>
-* <<springboot, SpringBoot 4.0>>
+* <<springboot, Spring Boot 4.0>>
+* <<ssl, Update to TLS/SSL Cipher support>>
 * <<CVEs, Security Vulnerability (CVE) Fixes>>
 * <<bugs, Notable bug fixes>>
 
@@ -280,10 +281,10 @@ To run Jakarta EE 11 features on the Application Client Container, add the follo
 // Contact/Reviewer: anjumfatima90
 // // // // // // // // 
 [#springboot]
-== SpringBoot 4.0
-Open Liberty currently supports running SpringBoot 1.5, 2.x, and 3.x applications. With the introduction of the new `springBoot-4.0` feature, users can now deploy SpringBoot 4.x applications. While Liberty has consistently supported SpringBoot applications packaged as `WAR` files, this enhancement extends support to both `JAR` and `WAR` formats for SpringBoot 4.x applications.
+== Spring Boot 4.0
+Open Liberty currently supports running Spring Boot 1.5, 2.x, and 3.x applications. With the introduction of the new `springBoot-4.0` feature, users can now deploy Spring Boot 4.x applications. While Liberty has consistently supported Spring Boot applications packaged as `WAR` files, this enhancement extends support to both `JAR` and `WAR` formats for Spring Boot 4.x applications.
 
-The `springBoot-4.0` feature provides complete support for running a SpringBoot 4.x application on Open Liberty, as well as the ability to thin the application when building containerized applications.
+The `springBoot-4.0` feature provides complete support for running a Spring Boot 4.x application on Open Liberty, as well as the ability to thin the application when building containerized applications.
 
 To use this feature, users must be running `Java 17` or later with EE11 features enabled. If the application uses servlets, it must be configured to use `Servlet 6.1`. Include the following features in your `server.xml` file to configure the server.
 
@@ -295,17 +296,59 @@ To use this feature, users must be running `Java 17` or later with EE11 features
 </features>
 ----
 
-The `server.xml` configuration for deploying a SpringBoot application follows the same approach used in earlier Liberty SpringBoot versions.
+The `server.xml` configuration for deploying a Spring Boot application follows the same approach used in earlier Liberty Spring Boot versions.
 
 [source, xml]
 ---- 
 <springBootApplication id="spring-boot-app" location="spring-boot-app-0.1.0.jar" name="spring-boot-app" />
 ----
 
-As in earlier versions, the SpringBoot application JAR can be deployed by placing it in the `/dropins/spring` folder. The `springBootApplication` configuration in the `server.xml` file can be omitted when this deployment method is used.
+As in earlier versions, the Spring Boot application JAR can be deployed by placing it in the `/dropins/spring` folder. The `springBootApplication` configuration in the `server.xml` file can be omitted when this deployment method is used.
 
 // DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 
 
+// // // // DO NOT MODIFY THIS COMMENT BLOCK <GHA-BLOG-TOPIC> // // // // 
+// Blog issue: https://github.com/OpenLiberty/open-liberty/issues/34374
+// Contact/Reviewer: rangaran
+// // // // // // // // 
+[#ssl]
+== Update to TLS/SSL Cipher support
+Liberty now uses the effective cipher list from the JDK for SSL configuration. The `securityLevel` attribute in the SSL configuration is not used anymore. In addition, the `enabledCiphers` attribute in the SSL config is updated to customize the SSL ciphers in a more flexible way.
+
+Liberty's `securityLevel` based cipher categories no longer provide meaningful value. The `MEDIUM` and `LOW` categories contain no remaining ciphers.
+
+The `enabledCiphers` attribute now has two mutually exclusive modes: (1) Specify a custom list of ciphers separated by spaces, or (2) Specify filter criteria to add (+) or remove (-) cipher suites from the effective JDK cipher list. If the value set in `enabledCiphers` contains a static entry and a +/- entry, an error is logged, and the server ignores the `enabledCiphers` value by returning the effective JDK cipher list.
+
+*Existing Usage:* A user sets `securityLevel` as `HIGH`
+
+[source,xml]
+----
+<ssl id="defaultSSL" securityLevel=HIGH/>
+----
+
+The `securityLevel` attribute is now ignored, so the previous `<ssl>` configuration is treated equivalently to the configuration shown here where there is no `securityLevel` attribute configured.
+
+[source,xml]
+----
+<ssl id="defaultSSL"/>
+----
+
+*Existing Usage:* A user specifies all ciphers from the effective JDK list, excluding all TLS_RSA ciphers except for one (TLS_RSA_WITH_AES_128_GCM_SHA256)
+
+[source,xml]
+----
+<ssl id="defaultSSL" securityLevel="CUSTOM" enabledCiphers="TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256">
+----
+
+*Example with new syntax:* Use wildcards to achieve the same logic
+[source,xml]
+----
+<ssl id="defaultSSL" enabledCiphers="-TLS_RSA* +TLS_RSA_WITH_AES_128_GCM_SHA256"/>
+----
+
+To learn more about Transport Security, see link:https://openliberty.io/docs/modules/reference/23.0.0.6/com.ibm.websphere.appserver.api.ssl_1.5-javadoc/com/ibm/websphere/ssl/Constants.html[SSL Constants Javadoc], link:https://openliberty.io/docs/modules/reference/23.0.0.6/com.ibm.websphere.appserver.api.ssl_1.5-javadoc/com/ibm/websphere/ssl/JSSEProvider.html[JSSEProvider Javadoc], and link:https://openliberty.io/docs/latest/reference/config/ssl.html[SSL Configuration Reference].
+
+// DO NOT MODIFY THIS LINE. </GHA-BLOG-TOPIC> 
 
 [#CVEs]
 == Security vulnerability (CVE) fixes in this release
