[
https://issues.apache.org/jira/browse/ARTEMIS-3038?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Robbie Gemmell updated ARTEMIS-3038:
------------------------------------
Fix Version/s: 2.19.0
> unwind defunct changes from ARTEMIS-1264
> ----------------------------------------
>
> Key: ARTEMIS-3038
> URL: https://issues.apache.org/jira/browse/ARTEMIS-3038
> Project: ActiveMQ Artemis
> Issue Type: Task
> Affects Versions: 2.18.0
> Reporter: Clebert Suconic
> Assignee: Robbie Gemmell
> Priority: Major
> Fix For: 2.19.0
>
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> The changes made in ARTEMIS-1264 are essentially defunct and should be
> unwound. The Kerberos TLS cipher suites were already not recommended for use
> at the time due to being weak, they had already been removed entirely from
> Java 11 by then, and have been disabled by default in Java 8 releases for
> some time now, and do not work with TLS 1.3. OpenSSL removed the equivalent
> support from its source even earlier in May 2015,
> [https://mta.openssl.org/pipermail/openssl-users/2015-May/001406.html].
> The related tests have already been removed as they were failing, then
> ignored, and essentialy couldnt run anywhere. The non-test changes are now
> untested and essentially defunct already, but once releases require Java 11
> they will become entirely unusable.
>
> Originally described with
> "CoreClientOverOneWaySSLKerb5Test#testOneWaySSLWithGoodClientCipherSuite is
> failing.... I set the test with an ignore .. until we investigate what we
> should do."
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
