| Summary: | Some ADH cipher suites are not recognized by Web HTTPS connector | ||
|---|---|---|---|
| Product: | [JBoss] JBoss Enterprise Application Platform 6 | Reporter: | Ondrej Kotek <okotek> |
| Component: | Web | Assignee: | jboss-set |
| Status: | CLOSED WONTFIX | QA Contact: | Ondrej Kotek <okotek> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.3.3 | CC: | bbaranow, rmaucher |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-03-01 12:28:54 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
The 5 cipher suites named above are the only that are supported by IBM JDK for "aNULL" and "ADH" cipher strings. Hence the cipher strings are also not recognized by HTTPS connector on IBM JDK (causes the same error described above). |
Description of problem: There are 5 ADH cipher suites that are not recognized by HTTPS connector (listener does not start). Namely: EXP-ADH-DES-CBC-SHA, ADH-DES-CBC-SHA, ADH-DES-CBC3-SHA, EXP-ADH-RC4-MD5, ADH-RC4-MD5. How reproducible: Set given cipher suite to Web HTTPS connector. Start server. <connector name="https" protocol="HTTP/1.1" scheme="https" socket-binding="https" secure="true" enabled="true"> <ssl key-alias="javaserver" password="tomcat" certificate-key-file="/path-to/server-cert-key-rsa.jks" cipher-suite="EXP-ADH-DES-CBC-SHA" verify-client="false" certificate-file="/path-to/server-cert-key-rsa.jks" ca-certificate-file="/path-to/ca-cert.jks"/> </connector> Actual results: ERROR [org.apache.coyote.http11.Http11Protocol] (MSC service thread 1-2) JBWEB003043: Error initializing endpoint: java.io.IOException: JBWEB002081: No cipher match ... ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.web.connector.https: org.jboss.msc.service.StartException in service jboss.web.connector.https: JBAS018007: Error starting web connector Expected results: HTTPS connector service starts.