Mantis Bugtracker
  

Viewing Issue Simple Details Jump to Notes ] View Advanced ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0002360 [Resin] minor always 01-23-08 10:58 03-05-08 17:33
Reporter ferg View Status public  
Assigned To ferg
Priority normal Resolution fixed  
Status closed   Product Version 3.1.4
Summary 0002360: jsse cipher-suites
Description (rep by Jay Ballinger)

I'm currently using JSSE vs. OpenSSL for my SSL configuration. I now
need to restrict the ciphers so use of the weaker ciphers are not
allowed; for instance, anything < 128-bit.

The JSSE documentation says that the following system property can be
used to set the enabled ciphers, assuming that they are supported.
Setting this property seems to have no impact on the ciphers being used
by Resin, however.

<system-property
https.cipherSuites="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA"/>

Does anyone have a solution to this problem?

Additional Information
Attached Files

- Relationships

- Notes
(0002826)
ferg
03-05-08 17:33

server/0621
 

- Issue History
Date Modified Username Field Change
01-23-08 10:58 ferg New Issue
01-23-08 12:12 stbu Issue Monitored: stbu
03-05-08 17:33 ferg Note Added: 0002826
03-05-08 17:33 ferg Assigned To  => ferg
03-05-08 17:33 ferg Status new => closed
03-05-08 17:33 ferg Resolution open => fixed
03-05-08 17:33 ferg Fixed in Version  => 3.1.6
03-05-08 17:33 ferg Description Updated
03-14-08 15:31 planetpratt Issue Monitored: planetpratt
05-07-09 16:20 jay Issue Monitored: jay
07-24-09 12:38 Dan-H Issue Monitored: Dan-H


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
37 total queries executed.
29 unique queries executed.
Powered by Mantis Bugtracker