Anonymous | Login | Signup for a new account | 03-31-2025 18:23 PDT |
Main | My View | View Issues | Change Log | Docs |
Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
0003431 | [Resin] | minor | always | 04-02-09 06:35 | 08-12-09 18:31 | ||||
Reporter | vbavin | View Status | public | ||||||
Assigned To | ferg | ||||||||
Priority | normal | Resolution | fixed | Platform | |||||
Status | closed | OS | |||||||
Projection | none | OS Version | |||||||
ETA | none | Fixed in Version | 4.0.2 | Product Version | 3.1.8 | ||||
Product Build | |||||||||
Summary | 0003431: reopen?: 0002360: jsse cipher-suites | ||||||||
Description |
I'm currently using JSSE vs. OpenSSL for my SSL configuration. I now need to restrict the ciphers so use of the weaker ciphers are not allowed; for instance, anything < 128-bit. The JSSE documentation says that the following system property can be used to set the enabled ciphers, assuming that they are supported. Setting this property seems to have no impact on the ciphers being used by Resin, however. <system-property https.cipherSuites="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA"/> and jsse-ssl/cipher-suites TLS_RSA_WITH_AES_128_CBC_SHA not work too |
||||||||
Steps To Reproduce | |||||||||
Additional Information | |||||||||
Attached Files | |||||||||
|
Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
36 total queries executed. 29 unique queries executed. |