[#QB-1396] Option to disable weak cipher suites in SSL support

<< Back to previous view

[QB-1396] Option to disable weak cipher suites in SSL support Created: 03/Oct/12 Updated: 08/Jan/13
Status:	Resolved
Project:	QuickBuild
Component/s:	None
Affects Version/s:	4.0.62
Fix Version/s:	3.1.73, 4.0.63

Type:

Improvement

Priority:

Major

Reporter:

Robin Shen

Assigned To:

Unassigned

Resolution:

Fixed

Votes:

Remaining Estimate:

Unknown

Time Spent:

Unknown

Original Estimate:

Unknown

Comments

Comment by Robin Shen [ 03/Oct/12 03:14 PM ]

The approach is to create file "conf/ciphers.excluded" for each SSL equipped QuickBuild installation (agent and server) to exclude weak cipher suites. For Sun JDK5 and Sun JDK6. Below content can be used:
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA

Generated at Tue May 21 10:39:09 UTC 2024 using JIRA 189.

[QB-1396] Option to disable weak cipher suites in SSL support Created: 03/Oct/12 Updated: 08/Jan/13

[QB-1396] Option to disable weak cipher suites in SSL support
Created: 03/Oct/12 Updated: 08/Jan/13