Bug 1277391

Summary:	Default values for secure-socket-protocol parameters in rhq-server.properties file need to be changed
Product:	[Other] RHQ Project	Reporter:	bkramer <bkramer>
Component:	Configuration	Assignee:	Nobody <nobody>
Status:	NEW ---	QA Contact:
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	4.12	CC:	hrupp
Target Milestone:	---
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:		Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	1277389

Description bkramer 2015-11-03 08:51:24 UTC

Description of problem:

Currently, security.secure-socket-protocol parameters from rhq-server.properties file are set as:

    ** rhq.server.client.security.secure-socket-protocol=TLS
    ** rhq.communications.connector.security.secure-socket-protocol=TLS
    ** rhq.server.tomcat.security.secure-socket-protocol=TLS

This worked fine in all versions prior to RHQ 4.12 (version equivalent to JBoss ON 3.3.4). However, in the latest RHQ 4.12 (equivalent JBoss ON 3.3.4), protocol without version is not accepted any more. 

So, above "TLS" value should be replaced with "TLSv1,TLSv1.1,TLSv1.2".



Version-Release number of selected component (if applicable):
RHQ 4.12 (equivalent to JON 3.3.4)

How reproducible:
Always

Steps to Reproduce:


Actual results:
Attempt to log in using https and 7443 port fails and on Firefox the following error is shown ssl_error_no_cypher_overlap. The same attempt on Chrome fails with ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.

Expected results:
No error is thrown and attempt to log in using https and 7443 works fine.

Additional info: