Issue Type: Improvement
Affects Versions: current
Assignee: Unassigned
Components: core
Created: 22/Jul/14 1:40 PM

Description:
sslscan detects the following weak (<128 bits) ciphers (when using jetty/https):
Supported Server Cipher(s):
Accepted SSLv3 56 bits EDH-RSA-DES-CBC-SHA
Accepted SSLv3 56 bits DES-CBC-SHA
Accepted SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA
Accepted SSLv3 40 bits EXP-DES-CBC-SHA
Accepted SSLv3 40 bits EXP-RC4-MD5
Accepted TLSv1 56 bits EDH-RSA-DES-CBC-SHA
Accepted TLSv1 56 bits DES-CBC-SHA
Accepted TLSv1 40 bits EXP-EDH-RSA-DES-CBC-SHA
Accepted TLSv1 40 bits EXP-DES-CBC-SHA
Accepted TLSv1 40 bits EXP-RC4-MD5
Some IT departments are rather strict and do not allow weak ciphers.
An option in /etc/default/jenkins that allows setting jetty's 'excludeCipherSuites' (or disabling all weak ciphers) would be great.

Environment: Debian wheezy amd64
Project: Jenkins
Priority: Major
Reporter: aeschbacher
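
The check behind this report, as an added example (not part of the original issue and not Jenkins or Jetty code): it parses the sslscan lines quoted in the description, keeps the accepted suites below 128 bits, and translates their OpenSSL names to the JSSE names that a Jetty 'excludeCipherSuites' list is written in. The OpenSSL-to-JSSE table and the single 128-bit line are assumptions supplied for the example.

```python
import re

# sslscan lines as quoted in the issue description.
REPORTED = """\
Accepted SSLv3 56 bits EDH-RSA-DES-CBC-SHA
Accepted SSLv3 56 bits DES-CBC-SHA
Accepted SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA
Accepted SSLv3 40 bits EXP-DES-CBC-SHA
Accepted SSLv3 40 bits EXP-RC4-MD5
Accepted TLSv1 56 bits EDH-RSA-DES-CBC-SHA
Accepted TLSv1 56 bits DES-CBC-SHA
Accepted TLSv1 40 bits EXP-EDH-RSA-DES-CBC-SHA
Accepted TLSv1 40 bits EXP-DES-CBC-SHA
Accepted TLSv1 40 bits EXP-RC4-MD5
"""
# Constructed line (not from the issue) so the filter has a strong suite to skip.
CONSTRUCTED = "Accepted TLSv1 128 bits AES128-SHA\n"

# OpenSSL name -> JSSE name (assumption: Oracle/OpenJDK naming; extend as needed).
OPENSSL_TO_JSSE = {
    "EDH-RSA-DES-CBC-SHA": "SSL_DHE_RSA_WITH_DES_CBC_SHA",
    "DES-CBC-SHA": "SSL_RSA_WITH_DES_CBC_SHA",
    "EXP-EDH-RSA-DES-CBC-SHA": "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "EXP-DES-CBC-SHA": "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "EXP-RC4-MD5": "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
}

LINE = re.compile(r"^\s*Accepted\s+(\S+)\s+(\d+)\s+bits\s+(\S+)\s*$")

def weak_ciphers(text, min_bits=128):
    """Return sorted (protocol, bits, openssl_name) for accepted suites below min_bits."""
    found = set()
    for line in text.splitlines():
        m = LINE.match(line)
        if m and int(m.group(2)) < min_bits:
            found.add((m.group(1), int(m.group(2)), m.group(3)))
    return sorted(found)

def jetty_excludes(text, min_bits=128):
    """Return (jsse_names, unmapped_openssl_names), de-duplicated across protocols."""
    names = {cipher for _, _, cipher in weak_ciphers(text, min_bits)}
    mapped = sorted(OPENSSL_TO_JSSE[n] for n in names if n in OPENSSL_TO_JSSE)
    unmapped = sorted(n for n in names if n not in OPENSSL_TO_JSSE)
    return mapped, unmapped

if __name__ == "__main__":
    mapped, unmapped = jetty_excludes(REPORTED + CONSTRUCTED)
    print("excludeCipherSuites candidates:", ", ".join(mapped))
    print("no JSSE mapping known for:", unmapped)
```

Any suite reported in the second list needs its JSSE name looked up by hand before the exclusion list is complete.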