activemq-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lionel Cons (JIRA)" <j...@apache.org>
Subject [jira] [Created] (ARTEMIS-576) Artemis should use safe SSL defaults
Date Mon, 20 Jun 2016 06:58:05 GMT
Lionel Cons created ARTEMIS-576:
-----------------------------------

             Summary: Artemis should use safe SSL defaults
                 Key: ARTEMIS-576
                 URL: https://issues.apache.org/jira/browse/ARTEMIS-576
             Project: ActiveMQ Artemis
          Issue Type: Bug
            Reporter: Lionel Cons


Enabling SSL with the default options, Artemis logs a warning:

{code}
2016-06-20 08:43:18,253 [org.apache.activemq.artemis.core.server] WARN AMQ222190: Disallowing
use of vulnerable protocol: SSLv2Hello. See http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html
for more details.
{code}

With default options (here {{enabledProtocols}} is not set), Artemis should be safe and silent
(= no warnings). So the default list of protocols should not include {{SSLv2Hello}}.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message