Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-8265

[JDK14] Accommodate SSLv3 deprecation

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 3.4.0
    • None
    • None
    • Unknown

    Description

      Since JDK14, SSLv3 is no longer supported and is removed from SSLContext (https://github.com/openjdk/jdk/blob/jdk-14-ga/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java#L603 vs https://github.com/openjdk/jdk/blob/jdk-13-ga/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java#L615), TLSv1.0 is the minimal supported version.

      To allow SSLv3, the connections, the client / server have to create a custom SSL context (fe "SSL") and control the protocols using JDK's jdk.tls.server.protocols and jdk.tls.client.protocols properties, fe:

         -Djdk.tls.server.protocols=SSLv3,TLSv1
         -Djdk.tls.client.protocols=SSLv3,TLSv1

      Attachments

        Activity

          People

            reta Andriy Redko
            reta Andriy Redko
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: