Issue #1198: TLS support: provide proper TLS default values and ciphers in server.xml - dogtagpki

dogtagpki

#1198 TLS support: provide proper TLS default values and ciphers in server.xml

Closed: Fixed None Opened 9 years ago by cfu.

now with both JSS and Tomcatjss supporting latest TLS range and ciphers,
http://koji.fedoraproject.org/koji/buildinfo?buildID=581844
http://koji.fedoraproject.org/koji/buildinfo?buildID=581894

Although configuration can always be manually changed,
I think it would be better if we provide a reasonable set of configuration in the server.xml of our subsystems by default.

This means modification to pki-core.

mharmsen commented 9 years ago

Based upon CS/DS meeting of 11/10/2014: 10.2.2

cfu commented 9 years ago

possible affected bugs/tickets:
https://bugzilla.redhat.com/show_bug.cgi?id=1158410
https://fedorahosted.org/freeipa/ticket/4676
https://fedorahosted.org/freeipa/ticket/1197 ?

cfu commented 9 years ago

checked into master:
commit 025e4e643911dcb277d9d0efb0e6d7533a679e71
Author: Christina Fu cfu@redhat.com
Date: Fri Nov 21 17:30:55 2014 -0800

Ticket 1198 Bugzilla 1158410 add TLS range support to server.xml by default and upgrade

...
To ssh://git.fedorahosted.org/git/pki.git
c0e3716..025e4e6 master -> master

cfu commented 9 years ago

master checkin (spec file jss tomcatjss dependencies fix):
commit 7260d6c1568d77bb2ab3de9264006b411b505cc6
Author: Christina Fu cfu@redhat.com
Date: Mon Nov 24 14:00:56 2014 -0800

Ticket 1198 Bugzilla 1158410 add TLS range support (spec file jss tomcat

...
To ssh://git.fedorahosted.org/git/pki.git
025e4e6..7260d6c master -> master

cfu commented 9 years ago

commit 41c59ddc8ab2d6ecc6b0da55064649143c0379fe
Author: Christina Fu cfu@redhat.com
Date: Mon Nov 24 16:46:45 2014 -0800

Ticket 1198 Bugzilla 1158410 TLS support: provide proper TLS default valu

...
To ssh://git.fedorahosted.org/git/pki.git
d06fa6e..41c59dd DOGTAG_10_2_0_BRANCH -> DOGTAG_10_2_0_BRANCH

cfu commented 9 years ago

commit 40c2108cd3ebde690209b0b60d348dd16eb2162a
Author: Christina Fu cfu@redhat.com
Date: Mon Nov 24 18:10:35 2014 -0800

Ticket 1198 upgrade - file name fix from .ignore to .gitignore

...
To ssh://git.fedorahosted.org/git/pki.git
41c59dd..40c2108 DOGTAG_10_2_0_BRANCH -> DOGTAG_10_2_0_BRANCH

cfu commented 9 years ago

commit 439cf464e1dced1219e9a4494c0bfd0473ead082
Author: Christina Fu cfu@redhat.com
Date: Mon Nov 24 18:30:36 2014 -0800

Ticket 1198 Bugzilla 1158410 (part 1) TLS support: provide proper TLS def

...
To ssh://git.fedorahosted.org/git/pki.git
014fe32..439cf46 DOGTAG_10_1_BRANCH -> DOGTAG_10_1_BRANCH

Metadata Update from @cfu:
- Issue assigned to cfu
- Issue set to the milestone: 10.2.2

7 years ago

dmoluguw commented 3 years ago

Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new
issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.

This issue has been cloned to GitHub and is available here:
https://github.com/dogtagpki/pki/issues/1760

If you want to receive further updates on the issue, please navigate to the
GitHub issue and click on Subscribe button.

Thank you for understanding, and we apologize for any inconvenience.

Metadata

Assignee

cfu

Tags

None

Blocking

None

Depending on

None

Priority

major

Milestone

10.2.2

lowhangingfruit

None

reporter

None

rhbz

None

type

defect

version

None

keywords

None

estimate

None

feature

None

origin

Community

proposedpriority

None

fixedinversion

None

platforms

None

blockedby

None

blocking

None

reviewer

None

component

General

proposedmilestone

None

dogtagpki

Source Code

#1198 TLS support: provide proper TLS default values and ciphers in server.xml Closed: Fixed None Opened 9 years ago by cfu.

Metadata

#1198 TLS support: provide proper TLS default values and ciphers in server.xml

Closed: Fixed None Opened 9 years ago by cfu.