You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@activemq.apache.org by "Justin Bertram (JIRA)" <ji...@apache.org> on 2016/06/20 15:00:08 UTC

[jira] [Closed] (ARTEMIS-576) Artemis should use safe SSL defaults

     [ https://issues.apache.org/jira/browse/ARTEMIS-576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Justin Bertram closed ARTEMIS-576.
----------------------------------
    Resolution: Not A Problem
      Assignee: Justin Bertram

The log message here was moved from WARN down to INFO via ARTEMIS-563.

Also, the message here indicates that the default protocols from the JVM are vulnerable and Artemis is taking action to remove the vulnerable protocol in order to be safe.

> Artemis should use safe SSL defaults
> ------------------------------------
>
>                 Key: ARTEMIS-576
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-576
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>            Reporter: Lionel Cons
>            Assignee: Justin Bertram
>
> Enabling SSL with the default options, Artemis logs a warning:
> {code}
> 2016-06-20 08:43:18,253 [org.apache.activemq.artemis.core.server] WARN AMQ222190: Disallowing use of vulnerable protocol: SSLv2Hello. See http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html for more details.
> {code}
> With default options (here {{enabledProtocols}} is not set), Artemis should be safe and silent (= no warnings). So the default list of protocols should not include {{SSLv2Hello}}.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)