qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John O'Hara (JIRA)" <qpid-...@incubator.apache.org>
Subject [jira] Commented: (QPID-6) Need to make SSL options configurable
Date Fri, 29 Sep 2006 08:49:52 GMT
    [ http://issues.apache.org/jira/browse/QPID-6?page=comments#action_12438677 ] 
John O'Hara commented on QPID-6:

Actually, SSL contains a lot of cipher suites.

We should make the server warn when a weak cipther suite is selected by a client.
We should also make the server negotiate down a list from strongest to weakest.

Some regions of the world still bar strong crypto, so this should be a warning in the server
log, not an error.

> Need to make SSL options configurable
> -------------------------------------
>                 Key: QPID-6
>                 URL: http://issues.apache.org/jira/browse/QPID-6
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>            Reporter: Martin Ritchie
> In both the client and broker, the SSL support lacks the ability to configure basically
> We need to be able to allow the user/administration to configure the certificate, keystore
and so on. 
> On the broker, look at org.amqp.blaze.server.protocol.AMQPFastProtocolHandler line 97.
From there trace into the org.amqp.blaze.ssl.BogusSSLContextFactory which is the class that
hardcodes stuff in a way that is very useful for a dev environment! 
> Basically the task in this jira is to make this whole area fully configurable.  

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message