You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Adrien PAILHES (JIRA)" <ji...@apache.org> on 2014/07/23 18:03:40 UTC

[jira] [Comment Edited] (FELIX-4376) Allow inclusion/exclusion of cipher suites in SSL connector

    [ https://issues.apache.org/jira/browse/FELIX-4376?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14071887#comment-14071887 ] 

Adrien PAILHES edited comment on FELIX-4376 at 7/23/14 4:02 PM:
----------------------------------------------------------------

Hello, 

I've got a pb with multiple exclude(or include) ciphersuites. Something like:
{code}
-Dorg.apache.felix.https.jetty.ciphersuites.excluded=SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5
{code}
does not work whereas
{code}
-Dorg.apache.felix.https.jetty.ciphersuites.excluded=SSL_RSA_WITH_RC4_128_SHA
{code}
works correctly.

I think(but I'm not sure) that org.apache.felix.http.jetty.internal.JettyConfig#getStringArrayProperty always get a String property(org.apache.felix.http.jetty.internal.JettyConfig#getProperty(java.lang.String)) instead of an array.

I don't know how to debug it... so maybe somebody can try that kind of use case and tell me if he can reproduce the problem with comma-separated params?





was (Author: apailhes):
Hello, 

I've got a pb with multiple exclude(or include) ciphersuites. Something like:
{code}
-Dorg.apache.felix.https.jetty.ciphersuites.excluded=SSL_RSA_WITH_RC4_128_SHA,SSL_RSA_WITH_RC4_128_MD5
{code}
whereas
{code}
-Dorg.apache.felix.https.jetty.ciphersuites.excluded=SSL_RSA_WITH_RC4_128_SHA
{code}
works correctly.

I think(but I'm not sure) that org.apache.felix.http.jetty.internal.JettyConfig#getStringArrayProperty always get a String property(org.apache.felix.http.jetty.internal.JettyConfig#getProperty(java.lang.String)) instead of an array.

I don't know how to debug it... so maybe somebody can try that kind of use case and tell me if he can reproduce the problem with comma-separated params?




> Allow inclusion/exclusion of cipher suites in SSL connector
> -----------------------------------------------------------
>
>                 Key: FELIX-4376
>                 URL: https://issues.apache.org/jira/browse/FELIX-4376
>             Project: Felix
>          Issue Type: Improvement
>          Components: HTTP Service
>    Affects Versions: http-2.2.1
>            Reporter: Dominique Pfister
>            Assignee: Felix Meschberger
>             Fix For: http-2.2.2
>
>         Attachments: patch.txt
>
>
> Jetty allows including/excluding cipher suites (in o.e.j.s.ssl.SslConnector). It would be great to make this available in the Jetty Bridge OSGI configuration. Ideally, there could be 2 properties, of type String[], that dictate what suites to explicitly include or exclude.



--
This message was sent by Atlassian JIRA
(v6.2#6252)