Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1121688 - Setting invalid protocol names in ssl configuration isn't shown to the user and is automatically changed to default value
Summary: Setting invalid protocol names in ssl configuration isn't shown to the user a...
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Web
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: EAP 6.4.0
Assignee: Rémy Maucherat
QA Contact: Michael Cada
Depends On:
TreeView+ depends on / blocked
Reported: 2014-07-21 15:24 UTC by Radim Hatlapatka
Modified: 2019-08-19 12:44 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2019-08-19 12:44:37 UTC
Type: Bug

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1019375 0 unspecified CLOSED SSL Protocols Options are wrong / do not match JSSE defaults. 2021-02-22 00:41:40 UTC

Internal Links: 1019375

Description Radim Hatlapatka 2014-07-21 15:24:14 UTC
Description of problem:
If I set protocol in ssl configuration to some invalid value, the default value is used instead without any message shown to the user.

Version-Release number of selected component (if applicable): EAP 6.3.0.ER10 and also earlier versions are affected

How reproducible: always

Steps to Reproduce:
1. setup EAP with ssl configuration
2. set ssl protocol e.g. to blablabla (/subsystem=web/connector=https/configuration=ssl:write-attribute(name=protocol, value="blablabla") )

Actual results: no message is shown to the user and you are able to connect the same way as when you set no protocol value (via TLS)

Expected results: at least warning is prompted that invalid value was provided and that default value is used.

Additional info:
This behavior is the same for both native and JSSE.

Note You need to log in before you can comment on or make changes to this bug.