[
https://issues.apache.org/jira/browse/QPID-6490?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Trang Vo updated QPID-6490:
---------------------------
Attachment: util.h
util.cpp
> Configure SSL ciphers
> ---------------------
>
> Key: QPID-6490
> URL: https://issues.apache.org/jira/browse/QPID-6490
> Project: Qpid
> Issue Type: Improvement
> Components: C++ Broker
> Affects Versions: 0.30
> Environment: Linux
> Reporter: Brant Knudson
> Priority: Major
> Labels: security
> Attachments: util.cpp, util.h
>
>
> qpid-cpp must allow an admin to set the SSL ciphers / protocols that they
> want the server to allow. The default should be ciphers / protocols that
> don't have known security vulnerabilities like SSLv3 (POODLE) and RC4 ciphers
> (Bar Mitzvah)
> With CVE-2015-2808 (a.k.a. Bar Mitzvah affecting RC4 ciphers) and other
> recent vulnerabilities found in different ciphers / protocols, we need to be
> able to disable ciphers / protocols easily.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
