[
https://issues.apache.org/jira/browse/CASSANDRA-11164?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15144982#comment-15144982
]
Tom Petracca commented on CASSANDRA-11164:
------------------------------------------
And to follow up. I don't know that the ordering actually matters; some
tickets and stuff online seems to suggest that it does, but nowhere in the
java documentation for SSLSocket or SSLServerSocket does it imply that the
ordering of the suites actually implies that it will attempt to use them in
that order. It doesn't really have an impact by ordering them, so why not?
> Order and filter cipher suites correctly
> ----------------------------------------
>
> Key: CASSANDRA-11164
> URL: https://issues.apache.org/jira/browse/CASSANDRA-11164
> Project: Cassandra
> Issue Type: Bug
> Reporter: Tom Petracca
> Priority: Minor
> Fix For: 2.2.x
>
> Attachments: 11164-2.2.txt
>
>
> As pointed out in https://issues.apache.org/jira/browse/CASSANDRA-10508,
> SSLFactory.filterCipherSuites() doesn't respect the ordering of desired
> ciphers in cassandra.yaml.
> Also the fix that occurred for
> https://issues.apache.org/jira/browse/CASSANDRA-3278 is incomplete and needs
> to be applied to all locations where we create an SSLSocket so that JCE is
> not required out of the box or with additional configuration.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
