Loading...

XML

Word

Printable

Type: Enhancement
Resolution: Done
Priority: Major
Fix Version/s: 11.0.0.Alpha1
Affects Version/s: None
Component/s: Web (Undertow)
Labels:
None

Git Pull Request:
https://github.com/wildfly-security/elytron-subsystem/pull/240

Please expose config option in subsystem config to enable server cipher suite preference. The relevant API call is SSLParameters.setUseCipherSuitesOrder(boolean) in Java 8.

We are busy looking at the security of our web services exposed by Wildfly 8.2.0.Final when we came across these posts:
http://blog.ivanristic.com/2014/03/ssl-tls-improvements-in-java-8.html
http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#cipher_suite_preference

App Server: WildFly 8.2.0.Final
Java: Java 8 Update 31
OS: Linux / gentoo

is duplicated by

WFLY-9714 Configuring Server cipher order in JBoss 7.1.0 AS

Closed

is incorporated by

WFLY-4180 Allow for more control over the creation of the SSLContext

Closed

WFLY-7246 Upgrade to version 1.0.0.Alpha11 of the Elytron Subsystem

Closed

Assignee:: Darran Lofthouse

Reporter:: Nico Schlebusch (Inactive)

Votes:: 2 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2015/02/02 6:20 AM

Updated:: 2018/01/22 5:14 AM

Resolved:: 2016/10/06 5:16 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates