[
https://issues.apache.org/jira/browse/DERBY-6768?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mamta A. Satoor updated DERBY-6768:
-----------------------------------
Attachment: DERBY-6768_patch1_diff.txt
Attaching a patch which will now print the enabled protocols list when the
server starts up in the log file. A sample new line in the log will look as
follows
Wed Nov 12 21:32:21 PST 2014 : Apache Derby Network Server - 10.12.0.0 alpha -
(1636020M) Enabled Protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2
Of course, the list of protocols will be different depending on the JVM. When I
start my network server, the log file has the bootup message and the enabled
protocols
Wed Nov 12 21:32:21 PST 2014 : Apache Derby Network Server - 10.12.0.0 alpha -
(1636020M) started and ready to accept SSL connections on port 1529
Wed Nov 12 21:32:21 PST 2014 : Apache Derby Network Server - 10.12.0.0 alpha -
(1636020M) Enabled Protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2
If there is any feedback on the wordings of the enabled protocols info, please
let me know. Thanks
> List the enabled protocols in derby.log for network server configuration
> ------------------------------------------------------------------------
>
> Key: DERBY-6768
> URL: https://issues.apache.org/jira/browse/DERBY-6768
> Project: Derby
> Issue Type: Improvement
> Components: Network Server
> Affects Versions: 10.12.0.0
> Reporter: Mamta A. Satoor
> Assignee: Mamta A. Satoor
> Attachments: DERBY-6768_patch1_diff.txt
>
>
> DERBY-6764 is the result of poodle security alert in SSLv3 and SSLv2Hello
> protocols. For future, it will be good to know the protocols that are enabled
> on the server side so it is easier to know if the product may be impacted by
> a security issue with any specific protocol. To achieve this, at the server
> boot up time, we should list these enabled protocols in derby.log
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
