Bug 1277391 - Default values for secure-socket-protocol parameters in rhq-server.properties file need to be changed
Summary: Default values for secure-socket-protocol parameters in rhq-server.properties...
Keywords:
Status: NEW
Alias: None
Product: RHQ Project
Classification: Other
Component: Configuration
Version: 4.12
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1277389
TreeView+ depends on / blocked
 
Reported: 2015-11-03 08:51 UTC by bkramer
Modified: 2022-03-31 04:28 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description bkramer 2015-11-03 08:51:24 UTC 
Description of problem:

Currently, security.secure-socket-protocol parameters from rhq-server.properties file are set as:

    ** rhq.server.client.security.secure-socket-protocol=TLS
    ** rhq.communications.connector.security.secure-socket-protocol=TLS
    ** rhq.server.tomcat.security.secure-socket-protocol=TLS

This worked fine in all versions prior to RHQ 4.12 (version equivalent to JBoss ON 3.3.4). However, in the latest RHQ 4.12 (equivalent JBoss ON 3.3.4), protocol without version is not accepted any more. 

So, above "TLS" value should be replaced with "TLSv1,TLSv1.1,TLSv1.2".



Version-Release number of selected component (if applicable):
RHQ 4.12 (equivalent to JON 3.3.4)

How reproducible:
Always

Steps to Reproduce:


Actual results:
Attempt to log in using https and 7443 port fails and on Firefox the following error is shown ssl_error_no_cypher_overlap. The same attempt on Chrome fails with ERR_SSL_VERSION_OR_CIPHER_MISMATCH error.

Expected results:
No error is thrown and attempt to log in using https and 7443 works fine.

Additional info:
Note You need to log in before you can comment on or make changes to this bug.