[OPENEJB-1856] Allow User selectable Cipher Suites to enhance ejbds SSL security - ASF JIRA

Attach files

Attach Screenshot

Bulk Copy Attachments

Bulk Move Attachments

Add vote

Voters

Watch issue

Watchers

Create sub-task

Convert to sub-task

Link

Clone

Labels

Update Comment Author

Replace String in Comment

Update Comment Visibility

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: 4.0.0
Fix Version/s: None
Component/s: server
Labels:
- security
Environment:
All

Description

Currently, "SSL_DH_anon_WITH_RC4_128_MD5" is harded as the only available cipher suite when using SSL. While this provides integrtiy and eavesdorpping protection, it offers no protection from MITM attacks.

Allowing the user to specify the protocol suite, then having them also use the normal javax.net.ssl.trustStore and javax.net.ssl.keyStore parameters will allow fully secure connections to be established.

Attachments

SocketConnectionFactory.patch
03/Jul/12 21:42
3 kB
Jonathan S Fisher
ServiceDaemon.patch
03/Jul/12 21:42
1 kB
Jonathan S Fisher

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Unassigned

Reporter:: Jonathan S Fisher

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 03/Jul/12 21:41

Updated:: 03/Jul/12 21:42

Time Tracking

Estimated:

48h

Remaining:

48h

Logged:

Allow User selectable Cipher Suites to enhance ejbds SSL security

Details

Description

Attachments

Attachments

Activity

People

Dates

Time Tracking

Agile

Slack

Issue deployment