Uploaded image for project: 'AMQ Interconnect'
  1. AMQ Interconnect
  2. ENTMQIC-1990

Allow restriction of TLS and SSL protocol versions to be used in connections

    Details

    • Type: Epic
    • Status: Done
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 1.2.0.CR1
    • Component/s: Qpid Dispatch Router
    • Labels:
      None
    • Epic Name:
      ToDo fill in Epic name
    • Target Release:
    • Epic Status:
      Done
    • Affects:
      Documentation (Ref Guide, User Guide, etc.), Release Notes
    • Release Notes Text:
      In this version of AMQ Interconnect, you can now specify the SSL/TLS protocol version to be used in connections. You can use this capability to block versions of the protocol that have been shown to have security vulnerabilities.
    • Release Notes Docs Status:
      Documented as Feature Request

      Description

      User Story:
      As a deployer, my company has a security policy that requires a particular version of TLS to be used in network security. I need to configure my routers to use only that TLS version. If there is no available subset between client and server, I expect a clear audit log entry to tell me that a connection failed. I expect the default value to be reasonably secure.

      Reference:
      https://issues.apache.org/jira/browse/DISPATCH-884

      Allow the deployer to configure the set of permitted TLS/SSL protocol versions that may be used in connections to the router.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  ganeshmurthy Ganesh Murthy
                  Reporter:
                  tedross Ted Ross
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  4 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: