Loading...

XML

Word

Printable

Details

Type: Epic
Resolution: Done
Priority: Major
Fix Version/s: 1.2.0.CR1
Affects Version/s: None
Component/s: Qpid Dispatch Router
Labels:
None

Epic Name:
ToDo fill in Epic name
Affects:

Documentation (Ref Guide, User Guide, etc.), Release Notes
Epic Status:
Done
Hierarchy Progress:
0
Hierarchy Progress Bar:

0% 0%
Release Note Text:
In this version of AMQ Interconnect, you can now specify the SSL/TLS protocol version to be used in connections. You can use this capability to block versions of the protocol that have been shown to have security vulnerabilities.
Release Note Status:
Documented as Feature Request
Target Release:

1.2.0.GA

SFDC Cases Links:
SFDC Cases Counter:

Description

User Story:
As a deployer, my company has a security policy that requires a particular version of TLS to be used in network security. I need to configure my routers to use only that TLS version. If there is no available subset between client and server, I expect a clear audit log entry to tell me that a connection failed. I expect the default value to be reasonably secure.

Reference:
https://issues.apache.org/jira/browse/DISPATCH-884

Allow the deployer to configure the set of permitted TLS/SSL protocol versions that may be used in connections to the router.

Attachments

Issue Links

relates to

AMQDOC-2946 Document capability to restrict TLS and SSL protocol versions used in connections

Closed

Activity

People

Assignee:: Ganesh Murthy

Reporter:: Ted Ross

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2018/03/23 9:59 AM

Updated:: 2020/12/18 3:24 PM

Resolved:: 2018/07/31 8:33 AM