[
https://issues.apache.org/jira/browse/GEODE-8419?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17209213#comment-17209213
]
ASF GitHub Bot commented on GEODE-8419:
---------------------------------------
Bill merged pull request #5594:
URL: https://github.com/apache/geode/pull/5594
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> SSL/TLS protocol and cipher suite configuration is ignored
> ----------------------------------------------------------
>
> Key: GEODE-8419
> URL: https://issues.apache.org/jira/browse/GEODE-8419
> Project: Geode
> Issue Type: Bug
> Components: client/server, membership, security
> Affects Versions: 1.10.0, 1.11.0, 1.12.0, 1.13.0, 1.14.0
> Reporter: Jacob Barrett
> Assignee: Bruce J Schuchardt
> Priority: Major
> Labels: pull-request-available
> Fix For: 1.14.0
>
>
> Configuring {{ssl-protocols}} or {{ssl-ciphers}} properties, or per-component
> ssl properties, have no effect. Configuring {{ssl-protocols}} may effect the
> {{SSLContext}} selected and limit some of the protocols allowed but does not
> restrict to just the set specified in the property. The {{ssl-ciphers}}
> property does not limit cipher selection at all.
> The result is that all ciphers allowed under the match {{SSLContext}} are
> allowed and negotiated. This can result in an unintended cipher being used in
> SSL/TLS communication.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
