You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@activemq.apache.org by "Gary Tully (JIRA)" <ji...@apache.org> on 2010/03/31 19:01:08 UTC
[jira] Resolved: (AMQ-2384) The activeMQ port supports low and
medium strength ciphers
[ https://issues.apache.org/activemq/browse/AMQ-2384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gary Tully resolved AMQ-2384.
-----------------------------
Resolution: Fixed
applied some changes in r929618 to support this so that it will make 5.4
Phil, I did not apply your patch directly but went back to why the introspector was not working and there was a simple fix to ensure we did not reference the internal tls impl class for reflection. With that change, it is possible to set arbitrary options on SSLServerSocket via transportOptions and with the properties editor to pass a string array argument.
I added some test that demonstrate. Thanks for your work on this and the patch, it helped :-)
> The activeMQ port supports low and medium strength ciphers
> -----------------------------------------------------------
>
> Key: AMQ-2384
> URL: https://issues.apache.org/activemq/browse/AMQ-2384
> Project: ActiveMQ
> Issue Type: Bug
> Components: Connector
> Affects Versions: 5.2.0
> Environment: We are running the ActiveMQ 5.2.0 over a SLES 11 64 bit machine. In the configuration file activemq.xml there is no way to specify the supported ciphers.
> Reporter: Shrisha Chandrashekar
> Assignee: Gary Tully
> Fix For: 5.4.0
>
> Attachments: setSslSocketOptions.patch, SSLEnableCiphers.patch
>
>
> On running a Tenable nessus scan against the machine where ActiveMQ is running, we see that the port 61616 , the TCP connector port accepts Low and Medium strength ciphers by default. This may be a security risk and therefore we need a way to specify which ciphers to support.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.