Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.ER3
Affects Version/s: 7.1.0.ER1
Component/s: Security
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

When security-domain from server-ssl-context cannot verify X509PeerCertificateChainEvidence then server-ssl-context should rather fail then use some default for X509TrustManager in [1]. It causes that misconfiguration in security domain is masked.

[1] https://github.com/wildfly-security/wildfly-elytron/blob/656354343e7e28fdee47ab58a03c1cf7042abd55/src/main/java/org/wildfly/security/ssl/SSLContextBuilder.java#L341

is cloned by

ELY-1271 Elytron server-ssl-context should not use default value when referenced security-domain cannot be used

Resolved

is incorporated by

JBEAP-12265 Upgrade WildFly Elytron to 1.1.0.CR3

Closed

Assignee:: Jan Kalina (Inactive)

Reporter:: Ondrej Lukas (Inactive)

Tester:: Ondrej Kotek

QA Contact:: Ondrej Kotek

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2017/06/29 5:49 AM

Updated:: 2024/09/02 4:02 PM

Resolved:: 2017/07/24 4:13 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates