[KNOX-566] Make the Default Ephemeral DH Key Size 2048 with Ability to Override - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 0.5.0
Fix Version/s: 0.7.0
Component/s: None
Labels:
None
Environment:
Red Hat Enterprise Linux Server release 6.4 (Santiago)

External issue URL:
https://weakdh.org/

Description

See description of logjam
"The Logjam Attack"
https://weakdh.org/

To test you should do:
[root@bdvs1392 logs]# openssl s_client -connect bdvs1392.svl.ibm.com:8443 -cipher "EDH" | grep "Server Temp Key"
depth=0 C = US, ST = Test, L = Test, O = Hadoop, OU = Test, CN = bdvs1392.svl.ibm.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = Test, L = Test, O = Hadoop, OU = Test, CN = bdvs1392.svl.ibm.com
verify return:1
Server Temp Key: DH, 768 bits

The key should >= 1024

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

KNOX-566-001.patch
15/Jul/15 19:14
4 kB
Larry McCay

Activity

People

Assignee:: Larry McCay

Reporter:: Jeffrey E Rodriguez

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 08/Jul/15 18:14

Updated:: 28/Mar/19 14:14

Resolved:: 23/Nov/15 15:33