Uploaded image for project: 'OpenEJB'
  1. OpenEJB
  2. OPENEJB-1856

Allow User selectable Cipher Suites to enhance ejbds SSL security

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 4.0.0
    • Fix Version/s: None
    • Component/s: server
    • Labels:
    • Environment:
      All

      Description

      Currently, "SSL_DH_anon_WITH_RC4_128_MD5" is harded as the only available cipher suite when using SSL. While this provides integrtiy and eavesdorpping protection, it offers no protection from MITM attacks.

      Allowing the user to specify the protocol suite, then having them also use the normal javax.net.ssl.trustStore and javax.net.ssl.keyStore parameters will allow fully secure connections to be established.

        Attachments

        1. ServiceDaemon.patch
          1 kB
          Jonathan S Fisher
        2. SocketConnectionFactory.patch
          3 kB
          Jonathan S Fisher

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              exabrial Jonathan S Fisher
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:

                Time Tracking

                Estimated:
                Original Estimate - 48h
                48h
                Remaining:
                Remaining Estimate - 48h
                48h
                Logged:
                Time Spent - Not Specified
                Not Specified