Susan Hinrichs created TS-3711:
----------------------------------
Summary: Allow DHE ciphers in the ciphersuite list to be negotiable
Key: TS-3711
URL: https://issues.apache.org/jira/browse/TS-3711
Project: Traffic Server
Issue Type: Bug
Components: SSL
Reporter: Susan Hinrichs
As it stands, adding a DHE- cipher to the cipher suite list is not sufficient
to allow a DHE protocol to be negotiated. One must also add a dhparams file.
We should re-introduce the logic to automatically create DHParams if none is
specified. We currently have logic in the could that will create a fixed 2048
bit DHParams, but it is not currently enabled. The disabling was tracked in
TS-3437.
Now that we are at a major release, we should reactivate this logic, since it
seems odd to have a two step process for activating DHE- ciphers (unlike any
other cipher family).
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
