Project

General

Profile

Actions
Copy link

Bug #22567

closed

Tomcat server.xml templates require the sslEnabledProtocols parameter to

Added by Rich Jerrido almost 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Low
Assignee:
-
Category:
Installer
Target version:
Katello 3.7.0
Difficulty:
trivial
Triaged:
Bugzilla link:
Pull request:
https://github.com/theforeman/puppet-candlepin/pull/97
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

When leveraging custom Hiera to secure my Tomcat instance, I noticed that the sslProtocols value (set in the server.xml.erb file) only sets the maximum version of the SSL protocol offered. That is, if you set sslProtocols to TLSv1.2, it offers 1.0, 1.1 and 1.2 (but not 1.3).

To actually restrict the protocols used for a client connection, you need to also use the sslEnabledProtocols parameter (https://tomcat.apache.org/tomcat-7.0-doc/config/http.html)

Actions
Copy link
 #1

Updated by Stephen Benjamin almost 7 years ago

  • Project changed from Foreman to Katello
  • Category changed from 47 to Installer
Actions
Copy link
 #2

Updated by The Foreman Bot almost 7 years ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppet-candlepin/pull/97 added
Actions
Copy link
 #3

Updated by Rich Jerrido almost 7 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions
Copy link
 #4

Updated by Justin Sherrill almost 7 years ago

  • Translation missing: en.field_release set to 338
Actions
Copy link

Also available in: Atom PDF