Bug #22567: Tomcat server.xml templates require the sslEnabledProtocols parameter to - Katello - Foreman

Actions

Copy link

Bug #22567

closed

Tomcat server.xml templates require the sslEnabledProtocols parameter to

Added by Rich Jerrido almost 7 years ago. Updated over 6 years ago.

Status:

Closed

Priority:

Low

Assignee:

Category:

Installer

Target version:

Katello 3.7.0

Difficulty:

trivial

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/puppet-candlepin/pull/97

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

When leveraging custom Hiera to secure my Tomcat instance, I noticed that the sslProtocols value (set in the server.xml.erb file) only sets the maximum version of the SSL protocol offered. That is, if you set sslProtocols to TLSv1.2, it offers 1.0, 1.1 and 1.2 (but not 1.3).

To actually restrict the protocols used for a client connection, you need to also use the sslEnabledProtocols parameter (https://tomcat.apache.org/tomcat-7.0-doc/config/http.html)

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Plugins » Katello

Custom queries

Bug #22567

Tomcat server.xml templates require the sslEnabledProtocols parameter to

Updated by Stephen Benjamin almost 7 years ago

Updated by The Foreman Bot almost 7 years ago

Updated by Rich Jerrido almost 7 years ago

Updated by Justin Sherrill almost 7 years ago