Mantis - Resin
Viewing Issue Advanced Details
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 3593 | | major | always | 07-08-09 00:35 | 08-12-09 15:56 |
| Reporter: | vbavin | Platform: | |
| Assigned To: | ferg | OS: | |
| Priority: | normal | OS Version: | |
| Status: | closed | Product Version: | 4.0.0 |
| Product Build: | | Resolution: | fixed |
| Projection: | none | | |
| ETA: | none | Fixed in Version: | 4.0.2 |
| Summary: | 0003593: JSSE ciphers restriction not work? |
| Description: |

I'm currently using JSSE vs. OpenSSL for my SSL configuration. I now need to restrict the ciphers so that use of the weaker ciphers is not allowed; for instance, anything < 128-bit or DH, because of Opera 9 browser security and RSA 2048 (I see this is not fixed in Sun JRE 1.6x). See the similar http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6330287 and http://forums.sun.com/thread.jspa?threadID=5172531 for example.

My configuration sample:

    <server-default>
      ..
      <http address="*" port="8443">
        <jsse-ssl>
          <key-store-type>JKS</key-store-type>
          <key-store-file>...</key-store-file>
          <password>...</password>
          <key-manager-factory>SunX509</key-manager-factory>
          <ssl-context>SSL</ssl-context>
          <cipher-suites>TLS_RSA_WITH_AES_128_CBC_SHA</cipher-suites>
        </jsse-ssl>
      </http>
      ...
    </server-default>

I use THCSSLCheck too for monitoring the restriction results.
| Steps To Reproduce: | |||||
| Additional Information: | |||||
| Relationships | |||||
| Attached Files: | |||||
| Notes | |||||
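
As an added example (not part of the original report and not Resin's code): the standard JSSE way to restrict a listener to an allowlist is `SSLServerSocket.setEnabledCipherSuites`, and reading the list back confirms the restriction took effect before any external scan. The class name `CipherAllowlistCheck` is hypothetical; the allowlist value is the one from the `<cipher-suites>` element in the report.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;

public class CipherAllowlistCheck {
    // Allowlist taken from the <cipher-suites> element in the report.
    static final String[] ALLOWED = { "TLS_RSA_WITH_AES_128_CBC_SHA" };

    // Keep only the allowlisted names this JRE actually supports;
    // setEnabledCipherSuites throws IllegalArgumentException on unknown names.
    static List<String> supportedSubset(String[] allowed, String[] supported) {
        List<String> known = Arrays.asList(supported);
        List<String> keep = new ArrayList<>();
        for (String suite : allowed) {
            if (known.contains(suite)) {
                keep.add(suite);
            } else {
                System.err.println("not supported by this JRE: " + suite);
            }
        }
        return keep;
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getDefault();
        // Port 0 binds an ephemeral port; no keystore is needed just to
        // inspect and change the enabled suite list (no handshake happens).
        try (SSLServerSocket server =
                 (SSLServerSocket) ctx.getServerSocketFactory().createServerSocket(0)) {
            List<String> keep = supportedSubset(ALLOWED, server.getSupportedCipherSuites());
            if (keep.isEmpty()) {
                throw new IllegalStateException("no allowlisted suite is supported");
            }
            System.out.println("enabled by default: " + server.getEnabledCipherSuites().length);
            server.setEnabledCipherSuites(keep.toArray(new String[0]));

            // Read the list back: anything outside the allowlist is a failure.
            for (String suite : server.getEnabledCipherSuites()) {
                if (!keep.contains(suite)) {
                    throw new IllegalStateException("unexpected suite enabled: " + suite);
                }
                System.out.println("enabled after restriction: " + suite);
            }
        }
    }
}
```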