You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/04/12 16:28:25 UTC

[jira] [Commented] (ARTEMIS-478) Improve Openwire SslBrokerServiceTest

    [ https://issues.apache.org/jira/browse/ARTEMIS-478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15237256#comment-15237256 ] 

ASF GitHub Bot commented on ARTEMIS-478:
----------------------------------------

GitHub user gaohoward opened a pull request:

    https://github.com/apache/activemq-artemis/pull/458

    ARTEMIS-478 Improve Openwire SslBrokerServiceTest

    Some of the SSL tests in openwire requires to pass in more options like
    enabledCipherSuites. It needs to refactor the test util to allow passing
    of those options to broker.
    And some of the cipher suite is obsolete in recent jre. Meaning they
    are disabled by default for security reasons
    (e.g. SSL_RSA_WITH_RC4_128_SHA). This will cause SSL handshake failure.
    It can be fixed by using a more secure (not disabled) one, like
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/gaohoward/activemq-artemis apache_master

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/activemq-artemis/pull/458.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #458
    
----
commit fd3d630596e760512b3e41f6ab5174e9b3bb86c4
Author: Howard Gao <ho...@gmail.com>
Date:   2016-04-12T13:25:16Z

    ARTEMIS-478 Improve Openwire SslBrokerServiceTest
    
    Some of the SSL tests in openwire requires to pass in more options like
    enabledCipherSuites. It needs to refactor the test util to allow passing
    of those options to broker.
    And some of the cipher suite is obsolete in recent jre. Meaning they
    are disabled by default for security reasons
    (e.g. SSL_RSA_WITH_RC4_128_SHA). This will cause SSL handshake failure.
    It can be fixed by using a more secure (not disabled) one, like
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

----


> Improve Openwire SslBrokerServiceTest
> -------------------------------------
>
>                 Key: ARTEMIS-478
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-478
>             Project: ActiveMQ Artemis
>          Issue Type: Bug
>          Components: OpenWire
>    Affects Versions: 1.2.0
>            Reporter: Howard Gao
>            Assignee: Howard Gao
>             Fix For: 1.3.0
>
>
> Some of the SSL tests in openwire requires to pass in more options like
> enabledCipherSuites
> It needs to refactor the test util to allow passing of those options to broker.
> And some of the cipher suite is obsolete in recent jre. Meaning they are disabled by default for security reasons (e.g. SSL_RSA_WITH_RC4_128_SHA). This will cause SSL handshake failure.
> It can be fixed by using a more secure (not disabled) one, like
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)