Posted to issues@activemq.apache.org by "Justin Bertram (JIRA)" <ji...@apache.org> on 2016/06/20 15:00:08 UTC
[jira] [Closed] (ARTEMIS-576) Artemis should use safe SSL defaults
[ https://issues.apache.org/jira/browse/ARTEMIS-576?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Justin Bertram closed ARTEMIS-576.
----------------------------------
Resolution: Not A Problem
Assignee: Justin Bertram
The log message here was moved from WARN down to INFO via ARTEMIS-563.
Also, the message here indicates that the default protocols from the JVM are vulnerable and Artemis is taking action to remove the vulnerable protocol in order to be safe.
> Artemis should use safe SSL defaults
> ------------------------------------
>
> Key: ARTEMIS-576
> URL: https://issues.apache.org/jira/browse/ARTEMIS-576
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Reporter: Lionel Cons
> Assignee: Justin Bertram
>
> Enabling SSL with the default options, Artemis logs a warning:
> {code}
> 2016-06-20 08:43:18,253 [org.apache.activemq.artemis.core.server] WARN AMQ222190: Disallowing use of vulnerable protocol: SSLv2Hello. See http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html for more details.
> {code}
> With default options (here {{enabledProtocols}} is not set), Artemis should be safe and silent (= no warnings). So the default list of protocols should not include {{SSLv2Hello}}.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
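
The behaviour discussed in this thread, as an added example that is not part of the original messages and not Artemis's own code: start from the JVM's default protocols when {{enabledProtocols}} is not set, remove the vulnerable names, and report each removal at INFO. The class name, the deny list contents and the `configured` parameter are assumptions of the example.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.logging.Logger;

public class SafeProtocolDefaults {
    private static final Logger LOG = Logger.getLogger(SafeProtocolDefaults.class.getName());

    // Assumption of this example: SSLv2Hello is the name in the log line quoted
    // above; SSLv3 is the protocol affected by POODLE (CVE-2014-3566).
    private static final Set<String> DENIED = new HashSet<>(Arrays.asList("SSLv2Hello", "SSLv3"));

    /**
     * Applies a safe protocol list to the engine. `configured` models an explicit
     * enabledProtocols setting; null means "not set", so the JVM default is used.
     * Denied names are dropped in both cases.
     */
    static String[] apply(SSLEngine engine, String[] configured) {
        String[] candidates = configured != null ? configured : engine.getEnabledProtocols();
        List<String> kept = new ArrayList<>();
        for (String protocol : candidates) {
            if (DENIED.contains(protocol)) {
                LOG.info("Disallowing use of vulnerable protocol: " + protocol);
            } else {
                kept.add(protocol);
            }
        }
        if (kept.isEmpty()) {
            // Fail closed instead of falling back to whatever the JVM enables.
            throw new IllegalStateException("No protocol left after filtering " + Arrays.toString(candidates));
        }
        String[] result = kept.toArray(new String[0]);
        engine.setEnabledProtocols(result);
        return result;
    }

    public static void main(String[] args) throws Exception {
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(false);
        System.out.println("JVM default: " + Arrays.toString(engine.getEnabledProtocols()));
        System.out.println("Effective:   " + Arrays.toString(apply(engine, null)));
        // Constructed input: an explicit setting that still names SSLv2Hello.
        System.out.println("Explicit:    " + Arrays.toString(apply(engine, new String[] {"SSLv2Hello", "TLSv1.2"})));
    }
}
```

Whether the INFO line appears for the "not set" case depends on the JVM: it is only logged when that JVM's default list actually contains one of the denied names.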