Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-4351

Support for server cipher suite preference

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Done
    • Major
    • 11.0.0.Alpha1
    • None
    • Web (Undertow)
    • None

    Description

      Please expose config option in subsystem config to enable server cipher suite preference. The relevant API call is SSLParameters.setUseCipherSuitesOrder(boolean) in Java 8.

      We are busy looking at the security of our web services exposed by Wildfly 8.2.0.Final when we came across these posts:
      http://blog.ivanristic.com/2014/03/ssl-tls-improvements-in-java-8.html
      http://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/JSSERefGuide.html#cipher_suite_preference

      App Server: WildFly 8.2.0.Final
      Java: Java 8 Update 31
      OS: Linux / gentoo

      Attachments

        Issue Links

          is duplicated by

          Feature Request - Feature requests from customers and/or users WFLY-9714 Configuring Server cipher order in JBoss 7.1.0 AS

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is incorporated by

          Feature Request - Feature requests from customers and/or users WFLY-4180 Allow for more control over the creation of the SSLContext

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. WFLY-7246 Upgrade to version 1.0.0.Alpha11 of the Elytron Subsystem

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              nicoschl@gmail.com Nico Schlebusch (Inactive)
              Votes:
              2 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: