History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: QB-1396
Type: Improvement Improvement
Status: Resolved Resolved
Resolution: Fixed
Priority: Major Major
Assignee: Unassigned
Reporter: Robin Shen
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
QuickBuild

Option to disable weak cipher suites in SSL support

Created: 03/Oct/12 02:13 PM   Updated: 08/Jan/13 05:29 AM
Component/s: None
Affects Version/s: 4.0.62
Fix Version/s: 3.1.73, 4.0.63

Original Estimate: Unknown Remaining Estimate: Unknown Time Spent: Unknown


 All   Comments   Work Log   Change History      Sort Order:
[ Permlink | « Hide ]
Robin Shen [03/Oct/12 03:14 PM]
The approach is to create file "conf/ciphers.excluded" for each SSL equipped QuickBuild installation (agent and server) to exclude weak cipher suites. For Sun JDK5 and Sun JDK6. Below content can be used:
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA


Powered by Atlassian JIRA™ the Professional Issue Tracker. (Standard Edition, Version: 3.7.4-#189) - Bug/feature request - Contact Administrators