Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-6875

Add ssl-enabled-protocol configuration parameter to IIOP subsystem

    XMLWordPrintable

Details

    • Enhancement
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Done
    • 10.0.0.Final
    • 11.0.0.Alpha1
    • IIOP
    • None

    Description

      Add ability to specify allowed version of TLS/SSL protocol used by secured socket to iiop-openjdk subsystem. We need such configuration to be able to make sure that there is a possibility to turn off specific versions of protocol used (f.e. SSLv3 protocol to avoid POODLE attack). In most virtual machines (oracle and openjdk included) this change has been done already inside JVM configuration. Nevertheless adding such parameter to the subsystem will make it possible to configure this parameter independently of JVM making it secure no matter what JVM implementation is used.

      Attachments

        Activity

          People

            tadamski@redhat.com Tomasz Adamski
            tadamski@redhat.com Tomasz Adamski
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: