You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@activemq.apache.org by "Timothy Bish (JIRA)" <ji...@apache.org> on 2014/12/12 20:10:15 UTC
[jira] [Resolved] (AMQNET-476) Make SSL-Protocol configurable to
use others than SSLProtocols.Default (which is SSL 3.0/TLS 1.0)
[ https://issues.apache.org/jira/browse/AMQNET-476?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Timothy Bish resolved AMQNET-476.
---------------------------------
Resolution: Fixed
Added new option to the SSL transport to allow changing the setting. Use URI option transport.sslProtocol="Tls" or any of the other valid names from the enum. An incorrect value will throw an exception when a connection attempt is made.
> Make SSL-Protocol configurable to use others than SSLProtocols.Default (which is SSL 3.0/TLS 1.0)
> -------------------------------------------------------------------------------------------------
>
> Key: AMQNET-476
> URL: https://issues.apache.org/jira/browse/AMQNET-476
> Project: ActiveMQ .Net
> Issue Type: New Feature
> Components: NMS
> Affects Versions: 1.6.2
> Reporter: Tom M.
> Assignee: Timothy Bish
> Fix For: 1.7.0
>
>
> Currently in SslTransport.cs it is hard coded to use 'SslProtocols.Default' which points to TLS 1.0 only (see [API|http://msdn.microsoft.com/en-us/library/system.security.authentication.sslprotocols%28v=vs.110%29.aspx]).
> There should be a way to force the usage of newer version of TSL > 1.0 in environments which do support this (.Net 4.5).
> Solution:
> A patch is needed setting the value while keeping the current setting as the default. The patch should provide a means of mapping a URI option to the appropriate enum value keeping in mind that the 1.1 and 1.2 TLS entries are only valid on .NET 4.5+
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)