Details

    • Type: New Feature New Feature
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.9.50, 2.2.11
    • Fix Version/s: None
    • Component/s: configuration
    • Labels:
      None

      Description

      It's not possible to configure TLS 1.1, 1.2 support via grizzly-config
      mirror of http://java.net/jira/browse/GLASSFISH-18949

        Activity

        Hide
        oleksiys added a comment -

        fixed [1.9.x]

        Project: grizzly
        Revision: b18dc3b9d36e803626ec30c7ec47c2fa3d2fca5d
        Date: 2012-08-01 09:45:11 UTC

        Log Message:
        ------------
        + implement feature #1306
        http://java.net/jira/browse/GRIZZLY-1306
        "Support TLS 1.1, 1.2"

        Revisions:
        ----------
        b18dc3b9d36e803626ec30c7ec47c2fa3d2fca5d

        Show
        oleksiys added a comment - fixed [1.9.x] Project: grizzly Revision: b18dc3b9d36e803626ec30c7ec47c2fa3d2fca5d Date: 2012-08-01 09:45:11 UTC Log Message: ------------ + implement feature #1306 http://java.net/jira/browse/GRIZZLY-1306 "Support TLS 1.1, 1.2" Revisions: ---------- b18dc3b9d36e803626ec30c7ec47c2fa3d2fca5d
        Hide
        oleksiys added a comment -

        fixed [trunk]

        Project: grizzly
        Revision: ff023d9049497eda45baaea3376d4697c6f39baa
        Date: 2012-08-01 11:23:54 UTC

        Log Message:
        ------------
        + [trunk] implement feature #1306
        http://java.net/jira/browse/GRIZZLY-1306
        "Support TLS 1.1, 1.2"

        Revisions:
        ----------
        ff023d9049497eda45baaea3376d4697c6f39baa

        Show
        oleksiys added a comment - fixed [trunk] Project: grizzly Revision: ff023d9049497eda45baaea3376d4697c6f39baa Date: 2012-08-01 11:23:54 UTC Log Message: ------------ + [trunk] implement feature #1306 http://java.net/jira/browse/GRIZZLY-1306 "Support TLS 1.1, 1.2" Revisions: ---------- ff023d9049497eda45baaea3376d4697c6f39baa
        Hide
        oleksiys added a comment -

        mark as fixed

        Show
        oleksiys added a comment - mark as fixed
        Hide
        preston001 added a comment -

        As part of this should you be able to disable older versions of TLS? I'm trying to prevent a TLS 1.0 vulnerability as described in http://eprint.iacr.org/2006/136.pdf

        Show
        preston001 added a comment - As part of this should you be able to disable older versions of TLS? I'm trying to prevent a TLS 1.0 vulnerability as described in http://eprint.iacr.org/2006/136.pdf
        Hide
        oleksiys added a comment -

        did you try something like:

        asadmin set configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.tls-enabled=false
        

        and

        asadmin set configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.tls11-enabled=false
        

        ?

        Show
        oleksiys added a comment - did you try something like: asadmin set configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.tls-enabled= false and asadmin set configs.config.server-config.network-config.protocols.protocol.http-listener-2.ssl.tls11-enabled= false ?

          People

          • Assignee:
            Unassigned
            Reporter:
            oleksiys
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: