JBoss Enterprise Application Platform / JBEAP-3829

FIPS mode: expired certificate doesn't impact master slave communication.


    • Type: Bug
    • Resolution: Not a Bug
    • Priority: Major
    • None
    • 7.0.0.ER6
    • Management, Security

      Description:
      Setting EAP in FIPS mode and securing domain master/slave host controller communication with SSL/TLS. Communication works even if the certificate is expired. I can't find any message regarding this fact in the server log (setting logging to ALL level).

      The slave host controller acts as the client in the TLS handshake and, in my opinion, should react somehow to the certificate's invalidity. A warning message at least. Maybe refuse to connect at all?

              jkalina@redhat.com Jan Kalina (Inactive)
              mchoma@redhat.com Martin Choma