You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@activemq.apache.org by "Luis (JIRA)" <ji...@apache.org> on 2018/03/09 22:30:00 UTC

[jira] [Commented] (APLO-377) Disallow use of SSLv3 to protect against POODLE in Apollo 1.7 broker

    [ https://issues.apache.org/jira/browse/APLO-377?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16393698#comment-16393698 ] 

Luis commented on APLO-377:
---------------------------

Just to bring attention to section [Working Around Java 7 SSL Bugs|https://activemq.apache.org/apollo/documentation/user-manual.html#Working_Around_Java_7_SSL_Bugs] in the Apollo documentation, which suggests the syntax needed to restrict secure connections to TLS 1.2 (which as of today seems to be the better thing to do):
 
{noformat}
<connector id="stcp" bind="tlsv1.2://0.0.0.0:61614"/>
{noformat}


> Disallow use of SSLv3 to protect against POODLE in Apollo 1.7 broker
> --------------------------------------------------------------------
>
>                 Key: APLO-377
>                 URL: https://issues.apache.org/jira/browse/APLO-377
>             Project: ActiveMQ Apollo
>          Issue Type: Question
>          Components: apollo-broker
>    Affects Versions: 1.7
>            Reporter: Alain Dupont
>            Priority: Critical
>
> Wanted to know if apollo.xml file (Apollo 1.7 broker) could be configured in order to allow TLSv1.2 or TLS1.1 but disallow SSL3.
> Have found JIRA ACTIVEMQ6-36 for ActiveMQ but could not found any information about this for Apollo 1.7.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)