[
https://issues.apache.org/jira/browse/PROTOCOLS-99?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Phillip Odam updated PROTOCOLS-99:
----------------------------------
Attachment: starttls and supported cipher suite config.patch
> supportedCipherSuites not working for startTLS
> ----------------------------------------------
>
> Key: PROTOCOLS-99
> URL: https://issues.apache.org/jira/browse/PROTOCOLS-99
> Project: James Protocols
> Issue Type: Bug
> Components: api
> Affects Versions: 2.0.0, 1.6.2, 1.6.3
> Reporter: Phillip Odam
> Assignee: Eric Charles
> Attachments: starttls and supported cipher suite config.patch
>
> Original Estimate: 1h
> Remaining Estimate: 1h
>
> Setting the supported cipher suites when startTLS is enabled is not limiting
> the available ciphers since the instantiation of the Encryption object always
> sets the member enabledCipherSuites to null.
> Demonstrate issue:
> Add the following to the tls tag in conf/smtpserver.conf
> <supportedCipherSuites>
> <cipherSuite>TLS_DHE_DSS_WITH_AES_256_CBC_SHA</cipherSuite>
> </supportedCipherSuites>
> With the change active, attempting to connect to the server with the
> following command will succeed (with a weaker cipher)
> openssl s_client -connect mail.server.tld:25 -crlf -starttls smtp -cipher LOW
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
