[CXF-8265] [JDK14] Accommodate SSLv3 deprecation - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.4.0
Component/s: None
Labels:
None

Estimated Complexity:
Unknown

Description

Since JDK14, SSLv3 is no longer supported and is removed from SSLContext (https://github.com/openjdk/jdk/blob/jdk-14-ga/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java#L603 vs https://github.com/openjdk/jdk/blob/jdk-13-ga/src/java.base/share/classes/sun/security/ssl/SSLContextImpl.java#L615), TLSv1.0 is the minimal supported version.

To allow SSLv3, the connections, the client / server have to create a custom SSL context (fe "SSL") and control the protocols using JDK's jdk.tls.server.protocols and jdk.tls.client.protocols properties, fe:

-Djdk.tls.server.protocols=SSLv3,TLSv1
-Djdk.tls.client.protocols=SSLv3,TLSv1

Attachments

Activity

People

Assignee:: Andriy Redko

Reporter:: Andriy Redko

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 18/Apr/20 17:56

Updated:: 22/Dec/21 20:43

Resolved:: 20/Apr/20 01:46