[
https://issues.apache.org/jira/browse/AMQ-8132?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17357386#comment-17357386
]
Matt Pavlovich commented on AMQ-8132:
-------------------------------------
Hi [~joecarder] thanks for filing the issue. Happened to be reviewing SSL for
another ticket and will look to get this into 5.17.0.
> SSL Param UseCipherSuitesOrder Not Reflective
> ---------------------------------------------
>
> Key: AMQ-8132
> URL: https://issues.apache.org/jira/browse/AMQ-8132
> Project: ActiveMQ
> Issue Type: Bug
> Components: Broker, Transport
> Affects Versions: 5.15.14
> Environment: ActiveMQ 5.15.14
> JDK 8.X/11.x/14.X
> CentOS 7/8
>
> Reporter: Joe Carder
> Assignee: Matt Pavlovich
> Priority: Major
> Fix For: 5.17.0
>
>
> We have a use case where we need to set not only the enabled cipher suites
> via the transport URI, but the order list as well. We can set the suite list
> via transport.enabledCipherSuites setter and that is reflective in AMQ,
> however when attempting to set the order list via
> {color:#212121}transport.UseCipherSuitesOrder=true this setter does not seem
> to be reflective, as the cipher order is still being set by the client
> configuration.
> Looking at
> [https://github.com/apache/activemq/blob/master/activemq-client/src/main/java/org/apache/activemq/transport/tcp/TcpTransportServer.java]
> it appears that all the SSLParameters under javax.net.ssl.sslParameters
> should be reflective but that doesn't seem to be the case with this setter,
> as we do not see the expected behavior (IE: the cipher suite order reflecting
> the order set local to the AMQ JVM as specified here
> [https://docs.oracle.com/javase/8/docs/api/javax/net/ssl/SSLParameters.html#setUseCipherSuitesOrder-boolean-]
> )
> {color}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
