You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Stefan Podkowinski (JIRA)" <ji...@apache.org> on 2017/11/22 10:26:00 UTC
[jira] [Created] (CASSANDRA-14067) Change default for SSL algorithm
Stefan Podkowinski created CASSANDRA-14067:
----------------------------------------------
Summary: Change default for SSL algorithm
Key: CASSANDRA-14067
URL: https://issues.apache.org/jira/browse/CASSANDRA-14067
Project: Cassandra
Issue Type: Bug
Reporter: Stefan Podkowinski
Assignee: Stefan Podkowinski
Fix For: 4.x
The hardcoded default for the SSL validation algorithm should be changed from SunX509 to PKIX, which has been [default since Java 7|https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html#SupportClasses]. Starting with Java 9, the use of SunX509 is [actively discouraged|https://bugs.openjdk.java.net/browse/JDK-8169745], as it implements fewer security constraints.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org