The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow clients to create plaintext connections: <transport-config confidentiality="required" trust-in-target="supported"/> Upstream Bug: https://issues.jboss.org/browse/WFLY-9107 Upstream Pull Request: https://github.com/wildfly/wildfly/pull/10675
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform Via RHSA-2018:3527 https://access.redhat.com/errata/RHSA-2018:3527
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6 Via RHSA-2018:3529 https://access.redhat.com/errata/RHSA-2018:3529
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7 Via RHSA-2018:3528 https://access.redhat.com/errata/RHSA-2018:3528
This issue has been addressed in the following products: Red Hat Single Sign-On 7.2.5 zip Via RHSA-2018:3595 https://access.redhat.com/errata/RHSA-2018:3595