Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Critical
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Release Note Status:
Not Required
Target Release:

7.2.0.GA

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

When I look into elytron default configuration I see.

        <subsystem xmlns="urn:wildfly:elytron:1.0" initial-providers="combined-providers">
            <providers>
                <provider-loader name="elytron" module="org.wildfly.security.elytron"/>
                <provider-loader name="openssl" module="org.wildfly.openssl"/>
                <aggregate-providers name="combined-providers">
                    <providers name="elytron"/>
                    <providers name="openssl"/>
                </aggregate-providers>
            </providers>

From that configuration I would assume initial-providers is setting additional security providers before globally registered providers (registered in java.security). So that mean openssl provider should be used first when it comes to TLS creation. But it seems to me JSSE TLS is used by default.

What am I missing?

incorporates

WFCORE-1802 Ensure OpenSSL Registration is first.

Resolved

is incorporated by

JBEAP-11137 (7.1.0) Upgrade to WildFly Core to 3.0.0.Beta26

Closed

is related to

JBEAP-11849 Need to document the OpenSSL settings in Elytron

Closed

Assignee:: Darran Lofthouse

Reporter:: Martin Choma

Need Info From:: Darran Lofthouse

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2017/02/06 2:30 AM

Updated:: 2021/10/24 6:41 AM

Resolved:: 2018/09/21 6:50 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates