now with both JSS and Tomcatjss supporting latest TLS range and ciphers, http://koji.fedoraproject.org/koji/buildinfo?buildID=581844 http://koji.fedoraproject.org/koji/buildinfo?buildID=581894
Although configuration can always be manually changed, I think it would be better if we provide a reasonable set of configuration in the server.xml of our subsystems by default.
This means modification to pki-core.
Based upon CS/DS meeting of 11/10/2014: 10.2.2
possible affected bugs/tickets: https://bugzilla.redhat.com/show_bug.cgi?id=1158410 https://fedorahosted.org/freeipa/ticket/4676 https://fedorahosted.org/freeipa/ticket/1197 ?
checked into master: commit 025e4e643911dcb277d9d0efb0e6d7533a679e71 Author: Christina Fu cfu@redhat.com Date: Fri Nov 21 17:30:55 2014 -0800
Ticket 1198 Bugzilla 1158410 add TLS range support to server.xml by default and upgrade
... To ssh://git.fedorahosted.org/git/pki.git c0e3716..025e4e6 master -> master
master checkin (spec file jss tomcatjss dependencies fix): commit 7260d6c1568d77bb2ab3de9264006b411b505cc6 Author: Christina Fu cfu@redhat.com Date: Mon Nov 24 14:00:56 2014 -0800
Ticket 1198 Bugzilla 1158410 add TLS range support (spec file jss tomcat
... To ssh://git.fedorahosted.org/git/pki.git 025e4e6..7260d6c master -> master
commit 41c59ddc8ab2d6ecc6b0da55064649143c0379fe Author: Christina Fu cfu@redhat.com Date: Mon Nov 24 16:46:45 2014 -0800
Ticket 1198 Bugzilla 1158410 TLS support: provide proper TLS default valu
... To ssh://git.fedorahosted.org/git/pki.git d06fa6e..41c59dd DOGTAG_10_2_0_BRANCH -> DOGTAG_10_2_0_BRANCH
commit 40c2108cd3ebde690209b0b60d348dd16eb2162a Author: Christina Fu cfu@redhat.com Date: Mon Nov 24 18:10:35 2014 -0800
Ticket 1198 upgrade - file name fix from .ignore to .gitignore
... To ssh://git.fedorahosted.org/git/pki.git 41c59dd..40c2108 DOGTAG_10_2_0_BRANCH -> DOGTAG_10_2_0_BRANCH
commit 439cf464e1dced1219e9a4494c0bfd0473ead082 Author: Christina Fu cfu@redhat.com Date: Mon Nov 24 18:30:36 2014 -0800
Ticket 1198 Bugzilla 1158410 (part 1) TLS support: provide proper TLS def
... To ssh://git.fedorahosted.org/git/pki.git 014fe32..439cf46 DOGTAG_10_1_BRANCH -> DOGTAG_10_1_BRANCH
Metadata Update from @cfu: - Issue assigned to cfu - Issue set to the milestone: 10.2.2
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1760
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.