You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2019/01/19 17:00:37 UTC

[GitHub] rhtyd opened a new issue #3140: CloudStack management java.security.ciphers has no effect on JVM process

rhtyd opened a new issue #3140: CloudStack management java.security.ciphers has no effect on JVM process
URL: https://github.com/apache/cloudstack/issues/3140
 
 
   The `/etc/cloudstack/management/java.security.ciphers` has no effect on the list of disabled TLS algorithms in the management server JVM process. For example, on port 8250 TLS1.0, 1.1 are still allowed/supported protocols. (Tested using `openssl s_client -connect localhost:8250 -tls1`)
   
   However, workaround exists to configure `jdk.tls.disabledAlgorithms` in the global security file: `$JRE_HOME/lib/security/java.security`.
   
   ##### ISSUE TYPE
   <!-- Pick one below and delete the rest -->
    * Bug Report
   
   ##### COMPONENT NAME
   <!--
   Categorize the issue, e.g. API, VR, VPN, UI, etc.
   -->
   ~~~
   Management Server
   ~~~
   
   ##### CLOUDSTACK VERSION
   <!--
   New line separated list of affected versions, commit ID for issues on master branch.
   -->
   ~~~
   4.11
   ~~~
   
   ##### CONFIGURATION
   <!--
   Information about the configuration if relevant, e.g. basic network, advanced networking, etc.  N/A otherwise
   -->

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services