You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Joe Carder (Jira)" <ji...@apache.org> on 2021/01/28 18:26:00 UTC

[jira] [Created] (AMQ-8132) SSL Param UserCipherSuitesOrder Not Reflective

Joe Carder created AMQ-8132:
-------------------------------

             Summary: SSL Param UserCipherSuitesOrder Not Reflective
                 Key: AMQ-8132
                 URL: https://issues.apache.org/jira/browse/AMQ-8132
             Project: ActiveMQ
          Issue Type: Bug
          Components: Broker, Transport
    Affects Versions: 5.15.14
         Environment: ActiveMQ 5.15.14

JDK 8.X/11.x/14.X

CentOS 7/8

 
            Reporter: Joe Carder


We have a use case where we need to set not only the enabled cipher suites via the transport URI, but the order list as well.  We can set the suite list via transport.enabledCipherSuites setter and that is reflective in AMQ, however when attempting to set the order list via {color:#212121}transport.UseCipherSuitesOrder=true this setter does not seem to be reflective, as the cipher order is still being set by the client configuration.  

Looking at [https://github.com/apache/activemq/blob/master/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransportServer.java] it appears that all the SSLParameters under javax.net.ssl.sslParameters should be reflective but that doesn't seem to be the case with this setter, as we do not see the expected behavior (IE: the cipher suite order reflecting the order set local to the AMQ JVM as specified here [https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLParameters.html#setUseCipherSuitesOrder-boolean-] )

{color}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)