Uploaded image for project: 'Accumulo'
  1. Accumulo
  2. ACCUMULO-3316 Update TLS usage to mitigate POODLE
  3. ACCUMULO-3317

Change Jetty configuration to disallow SSLv3

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • 1.5.0, 1.5.1, 1.5.2, 1.6.0, 1.6.1
    • 1.5.3, 1.6.2, 1.7.0
    • monitor
    • None

    Description

      Any Jetty use should disallow SSLv3, e.g. the Monitor.

      Notes from thread:

      Jetty:
      http://stackoverflow.com/questions/26382540/how-to-disable-the-sslv3-protocol-in-jetty-to-prevent-poodle-attack

      Testing the monitor for SSLv3 downgrade, given host monitor.example.com on port 12345

      curl -vvv --sslv3 https://monitor.example.com:12345/

      Attachments

        Activity

          People

            elserj Josh Elser
            busbey Sean Busbey
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 0.5h
                0.5h