rhtyd opened a new issue #3140: CloudStack management java.security.ciphers has no effect on JVM process URL: https://github.com/apache/cloudstack/issues/3140 The `/etc/cloudstack/management/java.security.ciphers` has no effect on the list of disabled TLS algorithms in the management server JVM process. For example, on port 8250 TLS1.0, 1.1 are still allowed/supported protocols. (Tested using `openssl s_client -connect localhost:8250 -tls1`) However, workaround exists to configure `jdk.tls.disabledAlgorithms` in the global security file: `$JRE_HOME/lib/security/java.security`. ##### ISSUE TYPE <!-- Pick one below and delete the rest --> * Bug Report ##### COMPONENT NAME <!-- Categorize the issue, e.g. API, VR, VPN, UI, etc. --> ~~~ Management Server ~~~ ##### CLOUDSTACK VERSION <!-- New line separated list of affected versions, commit ID for issues on master branch. --> ~~~ 4.11 ~~~ ##### CONFIGURATION <!-- Information about the configuration if relevant, e.g. basic network, advanced networking, etc. N/A otherwise -->
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
