-
Enhancement
-
Resolution: Done
-
Major
-
None
-
None
It is not possible to set the ssl protocol and ciphers on a security-realm using system property if multiple protocols and/or ciphers are needed.
Setting the "enabled-cipher-suites" and "enabled-protocols" using a system property works if the system property value resolves to a single value ("TLSv1.2" for example).
An error is thrown if the system property has multiple values (-Dtlsversion="TLSv1.1 TLSv1.2"). Here is the error that is generated:
13:20:43,315 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-4) MSC000001: Failed to start service org.wildfly.core.management.security.realm.ManagementRealm.ssl-context: org.jboss.msc.service.StartException in service org.wildfly.core.management.security.realm.ManagementRealm.ssl-context: WFLYDM0096: No protocols in common, supported=([SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]), requested=([TLSv1.1 TLSv1.2])
at org.jboss.as.domain.management.security.SSLContextService.wrapSslContext(SSLContextService.java:137)
at org.jboss.as.domain.management.security.SSLContextService.start(SSLContextService.java:102)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032)
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
- clones
-
WFCORE-3448 Unable to set multiple ssl protocols and ciphers on security-realms using system properties
- Resolved
- is incorporated by
-
JBEAP-13952 (7.1.z) Upgrade WildFly Core to 3.0.12.Final
- Closed