| Anonymous | Login | Signup for a new account | 04-24-2024 21:26 PDT |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
| 0003593 | [Resin] | major | always | 07-08-09 00:35 | 08-12-09 15:56 | ||||
| Reporter | vbavin | View Status | public | ||||||
| Assigned To | ferg | ||||||||
| Priority | normal | Resolution | fixed | Platform | |||||
| Status | closed | OS | |||||||
| Projection | none | OS Version | |||||||
| ETA | none | Fixed in Version | 4.0.2 | Product Version | 4.0.0 | ||||
| Product Build | |||||||||
| Summary | 0003593: JSSE ciphers restriction not work? | ||||||||
| Description |
I'm currently using JSSE vs. OpenSSL for my SSL configuration. I now need to restrict the ciphers so use of the weaker ciphers are not allowed; for instance, anything < 128-bit or DH because Opera 9 browser security and RSA 2048 (i see this not fixed in Sun JRE 1.6x) . See similar http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6330287 [^] and http://forums.sun.com/thread.jspa?threadID=5172531 [^] for example. My configuration sample <server-default> .. <http address="*" port="8443"> <jsse-ssl> <key-store-type>JKS</key-store-type> <key-store-file>...</key-store-file> <password>...</password> <key-manager-factory>SunX509</key-manager-factory> <ssl-context>SSL</ssl-context> <cipher-suites>TLS_RSA_WITH_AES_128_CBC_SHA</cipher-suites> </jsse-ssl> </http> ... <server-default> I use THCSSLCheck too for restriction results monitoring. |
||||||||
| Steps To Reproduce | |||||||||
| Additional Information | |||||||||
| Attached Files | |||||||||
|
|
|||||||||
 Relationships |
|
|
Notes |
|
|
(0004118) ferg 08-12-09 15:56 |
server/0602 |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 07-08-09 00:35 | vbavin | New Issue | |
| 07-08-09 00:36 | vbavin | Issue Monitored: vbavin | |
| 08-12-09 15:56 | ferg | Note Added: 0004118 | |
| 08-12-09 15:56 | ferg | Assigned To | => ferg |
| 08-12-09 15:56 | ferg | Status | new => closed |
| 08-12-09 15:56 | ferg | Resolution | open => fixed |
| 08-12-09 15:56 | ferg | Fixed in Version | => 4.0.2 |
| Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
30 total queries executed. 26 unique queries executed. |  |
