Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-8660

Add GCM mode ciphers for outgoing peer connections

    Details

    • Provenance:
      Ordered by Customer
    • Sprint:
      EJBCA Team Bob - 2019 w42, EJBCA Team Bob - 2019 w45

      Description

      Since we require Java 8 for EJBCA now, we should support GCM ciphers for outgoing peer connections, as those ciphers are supported by this Java version.

      This can be fixed by changing the "authkeybind.ciphersuite" properties in src/java/defaultvalues.properties to the following:

      authkeybind.ciphersuite.0=TLSv1.2;TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
      authkeybind.ciphersuite.1=TLSv1.2;TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
      authkeybind.ciphersuite.2=TLSv1.2;TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
      authkeybind.ciphersuite.3=TLSv1.2;TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
      authkeybind.ciphersuite.4=TLSv1.2;TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
      authkeybind.ciphersuite.5=TLSv1.2;TLS_RSA_WITH_AES_256_CBC_SHA256
      authkeybind.ciphersuite.6=TLSv1.2;TLS_RSA_WITH_AES_128_CBC_SHA
      authkeybind.ciphersuite.7=TLSv1;TLS_DHE_RSA_WITH_AES_256_CBC_SHA
      authkeybind.ciphersuite.8=TLSv1;TLS_RSA_WITH_AES_256_CBC_SHA
      authkeybind.ciphersuite.9=TLSv1;TLS_RSA_WITH_AES_128_CBC_SHA
      

      (I.e. add the last four lines, 5-9)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              samuel Samuel Lidén Borell
              Reporter:
              samuel Samuel Lidén Borell
              Verified by:
              Amin Khorsandi
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 2 hours
                  2h
                  Remaining:
                  Time Spent - 15 minutes Remaining Estimate - 1 hour, 45 minutes
                  1h 45m
                  Logged:
                  Time Spent - 15 minutes Remaining Estimate - 1 hour, 45 minutes
                  15m