You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by "Luis (JIRA)" <ji...@apache.org> on 2018/03/09 22:30:00 UTC
[jira] [Commented] (APLO-377) Disallow use of SSLv3 to protect
against POODLE in Apollo 1.7 broker
[ https://issues.apache.org/jira/browse/APLO-377?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16393698#comment-16393698 ]
Luis commented on APLO-377:
---------------------------
Just to bring attention to section [Working Around Java 7 SSL Bugs|https://activemq.apache.org/apollo/documentation/user-manual.html#Working_Around_Java_7_SSL_Bugs] in the Apollo documentation, which suggests the syntax needed to restrict secure connections to TLS 1.2 (which as of today seems to be the better thing to do):
{noformat}
<connector id="stcp" bind="tlsv1.2://0.0.0.0:61614"/>
{noformat}
> Disallow use of SSLv3 to protect against POODLE in Apollo 1.7 broker
> --------------------------------------------------------------------
>
> Key: APLO-377
> URL: https://issues.apache.org/jira/browse/APLO-377
> Project: ActiveMQ Apollo
> Issue Type: Question
> Components: apollo-broker
> Affects Versions: 1.7
> Reporter: Alain Dupont
> Priority: Critical
>
> Wanted to know if apollo.xml file (Apollo 1.7 broker) could be configured in order to allow TLSv1.2 or TLS1.1 but disallow SSL3.
> Have found JIRA ACTIVEMQ6-36 for ActiveMQ but could not found any information about this for Apollo 1.7.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)