Uploaded image for project: 'ActiveMQ'
  1. ActiveMQ
  2. AMQ-8132

SSL Param UseCipherSuitesOrder Not Reflective

Attach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 5.15.14
    • Fix Version/s: None
    • Component/s: Broker, Transport
    • Labels:
      None
    • Environment:

      ActiveMQ 5.15.14

      JDK 8.X/11.x/14.X

      CentOS 7/8

       

      Description

      We have a use case where we need to set not only the enabled cipher suites via the transport URI, but the order list as well.  We can set the suite list via transport.enabledCipherSuites setter and that is reflective in AMQ, however when attempting to set the order list via transport.UseCipherSuitesOrder=true this setter does not seem to be reflective, as the cipher order is still being set by the client configuration. 

      Looking at https://github.com/apache/activemq/blob/master/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransportServer.java it appears that all the SSLParameters under javax.net.ssl.sslParameters should be reflective but that doesn't seem to be the case with this setter, as we do not see the expected behavior (IE: the cipher suite order reflecting the order set local to the AMQ JVM as specified here https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLParameters.html#setUseCipherSuitesOrder-boolean- )

        Attachments

          Activity

            People

            • Assignee:
              mattrpav Matt Pavlovich
              Reporter:
              joecarder Joe Carder

              Dates

              • Created:
                Updated:

                Issue deployment