You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Joe Carder (Jira)" <ji...@apache.org> on 2021/01/28 18:26:00 UTC
[jira] [Created] (AMQ-8132) SSL Param UserCipherSuitesOrder Not
Reflective
Joe Carder created AMQ-8132:
-------------------------------
Summary: SSL Param UserCipherSuitesOrder Not Reflective
Key: AMQ-8132
URL: https://issues.apache.org/jira/browse/AMQ-8132
Project: ActiveMQ
Issue Type: Bug
Components: Broker, Transport
Affects Versions: 5.15.14
Environment: ActiveMQ 5.15.14
JDK 8.X/11.x/14.X
CentOS 7/8
Reporter: Joe Carder
We have a use case where we need to set not only the enabled cipher suites via the transport URI, but the order list as well. We can set the suite list via transport.enabledCipherSuites setter and that is reflective in AMQ, however when attempting to set the order list via {color:#212121}transport.UseCipherSuitesOrder=true this setter does not seem to be reflective, as the cipher order is still being set by the client configuration.
Looking at [https://github.com/apache/activemq/blob/master/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransportServer.java] it appears that all the SSLParameters under javax.net.ssl.sslParameters should be reflective but that doesn't seem to be the case with this setter, as we do not see the expected behavior (IE: the cipher suite order reflecting the order set local to the AMQ JVM as specified here [https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLParameters.html#setUseCipherSuitesOrder-boolean-] )
{color}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)