Mantis Bugtracker
  

Viewing Issue Advanced Details Jump to Notes ] View Simple ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0003593 [Resin] major always 07-08-09 00:35 08-12-09 15:56
Reporter vbavin View Status public  
Assigned To ferg
Priority normal Resolution fixed Platform
Status closed   OS
Projection none   OS Version
ETA none Fixed in Version 4.0.2 Product Version 4.0.0
  Product Build
Summary 0003593: JSSE ciphers restriction not work?
Description I'm currently using JSSE vs. OpenSSL for my SSL configuration.
I now need to restrict the ciphers so use of the weaker ciphers are not
allowed; for instance, anything < 128-bit or DH because Opera 9 browser security and RSA 2048 (i see this not fixed in Sun JRE 1.6x) .
See similar http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6330287 [^] and
http://forums.sun.com/thread.jspa?threadID=5172531 [^] for example.
My configuration sample
    <server-default>
..
      <http address="*" port="8443">
        <jsse-ssl>
            <key-store-type>JKS</key-store-type>
            <key-store-file>...</key-store-file>
            <password>...</password>
            <key-manager-factory>SunX509</key-manager-factory>
            <ssl-context>SSL</ssl-context>
        <cipher-suites>TLS_RSA_WITH_AES_128_CBC_SHA</cipher-suites>
    </jsse-ssl>
      </http>
...
<server-default>

I use THCSSLCheck too for restriction results monitoring.
Steps To Reproduce
Additional Information
Attached Files

- Relationships

- Notes
(0004118)
ferg
08-12-09 15:56

server/0602
 

- Issue History
Date Modified Username Field Change
07-08-09 00:35 vbavin New Issue
07-08-09 00:36 vbavin Issue Monitored: vbavin
08-12-09 15:56 ferg Note Added: 0004118
08-12-09 15:56 ferg Assigned To  => ferg
08-12-09 15:56 ferg Status new => closed
08-12-09 15:56 ferg Resolution open => fixed
08-12-09 15:56 ferg Fixed in Version  => 4.0.2


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
30 total queries executed.
26 unique queries executed.
Powered by Mantis Bugtracker