  1. CXF
  2. CXF-8265

[JDK14] Accommodate SSLv3 deprecation

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.4.0
    • Component/s: None
    • Labels:
      None
    • Estimated Complexity:
      Unknown

      Description

      Since JDK14, SSLv3 is no longer supported and is removed from SSLContext (https://github.com/openjdk/jdk/blob/jdk-14-ga/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java#L603 vs https://github.com/openjdk/jdk/blob/jdk-13-ga/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java#L615); TLSv1.0 is the minimum supported version.

      To allow SSLv3 connections, the client / server has to create a custom SSL context (e.g. "SSL") and control the protocols using the JDK's jdk.tls.server.protocols and jdk.tls.client.protocols properties, e.g.:

         -Djdk.tls.server.protocols=SSLv3,TLSv1
         -Djdk.tls.client.protocols=SSLv3,TLSv1
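
An audit of what the running JDK actually exposes, as an added example that is not part of the original issue or of CXF: it prints the two system properties named above, the JDK's `jdk.tls.disabledAlgorithms` security property (an addition here, since it can also restrict protocol versions), and the protocols each context enables or supports, flagging SSLv3. The class name `TlsProtocolAudit` is hypothetical.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;

// Added example (not CXF code): report where SSLv3 is still reachable on this JVM.
public class TlsProtocolAudit {
    static final String LEGACY = "SSLv3";

    // Describe the protocols a named SSLContext enables by default and can support.
    static String describe(String contextName) throws Exception {
        SSLContext ctx;
        try {
            ctx = SSLContext.getInstance(contextName);
        } catch (NoSuchAlgorithmException e) {
            return String.format("%-4s not available from the installed providers", contextName);
        }
        ctx.init(null, null, null); // default key managers, trust managers and RNG
        List<String> enabled = Arrays.asList(ctx.getDefaultSSLParameters().getProtocols());
        List<String> supported = Arrays.asList(ctx.getSupportedSSLParameters().getProtocols());
        String flag = enabled.contains(LEGACY) ? "  <-- SSLv3 ENABLED"
                : supported.contains(LEGACY) ? "  (SSLv3 supported but not enabled)" : "";
        return String.format("%-4s enabled=%s supported=%s%s", contextName, enabled, supported, flag);
    }

    // Show a protocol-selection system property and mark it if it asks for SSLv3.
    static String property(String name) {
        String value = System.getProperty(name);
        boolean legacy = value != null && Arrays.asList(value.split("\\s*,\\s*")).contains(LEGACY);
        return name + " = " + value + (legacy ? "  <-- requests SSLv3" : "");
    }

    public static void main(String[] args) throws Exception {
        System.out.println("java.version = " + System.getProperty("java.version"));
        System.out.println(property("jdk.tls.client.protocols"));
        System.out.println(property("jdk.tls.server.protocols"));
        System.out.println("jdk.tls.disabledAlgorithms = "
                + Security.getProperty("jdk.tls.disabledAlgorithms"));
        for (String name : new String[] {"TLS", "SSL"}) { // "SSL" is the context name used above
            System.out.println(describe(name));
        }
    }
}
```

Running it once without arguments and once with the two `-D` options above shows whether a deployment's flags change the enabled set on a given JDK.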

            People

            • Assignee:
              reta Andriy Redko
              Reporter:
              reta Andriy Redko