[
https://issues.redhat.com/browse/WFWIP-339?page=com.atlassian.jira.plugin...
]
Jan Stourac updated WFWIP-339:
------------------------------
Description:
It looks like the OpenSSL security provider is now used as a default when I configure
reverse-proxy feature on the server. Not sure what is the root-cause for this change of
behavior.
Attaching relevant configuration. There can be also seen that during the startup, relevant
log message about OpenSSL provider is logged during the server boot, e.g.:
{quote}
16:44:42,676 INFO [org.wildfly.openssl.SSL] (MSC service thread 1-3) WFOPENSSL0002
OpenSSL Version OpenSSL 1.0.2h-fips 3 May 2016
{quote}
There are two questions from this:
# Is this change of OpenSSL provider being initialized during the boot in this
configuration case expected?
# I believe that even in case that answer to question above is `yes`, then we should not
change default security provider, which in this case it should be JSSE.
Hope I don't have any misconfiguration in the configuration itself.
was:
It looks like the OpenSSL security provider is now used as a default when I configure
reverse-proxy feature on the server. Not sure what is the root-cause for this change of
behavior.
Attaching relevant configuration. There can be also seen that during the startup, relevant
log message about OpenSSL provider is logged during the server boot, e.g.:
{quote}
16:44:42,676 INFO [org.wildfly.openssl.SSL] (MSC service thread 1-3) WFOPENSSL0002
OpenSSL Version OpenSSL 1.0.2h-fips 3 May 2016
{quote}
OpenSSL security provider seems to be used when not defined now
---------------------------------------------------------------
Key: WFWIP-339
URL:
https://issues.redhat.com/browse/WFWIP-339
Project: WildFly WIP
Issue Type: Bug
Components: Security
Reporter: Jan Stourac
Assignee: Farah Juma
Priority: Major
Attachments: client.jks, server.jks, standalone-full.xml
It looks like the OpenSSL security provider is now used as a default when I configure
reverse-proxy feature on the server. Not sure what is the root-cause for this change of
behavior.
Attaching relevant configuration. There can be also seen that during the startup,
relevant log message about OpenSSL provider is logged during the server boot, e.g.:
{quote}
16:44:42,676 INFO [org.wildfly.openssl.SSL] (MSC service thread 1-3) WFOPENSSL0002
OpenSSL Version OpenSSL 1.0.2h-fips 3 May 2016
{quote}
There are two questions from this:
# Is this change of OpenSSL provider being initialized during the boot in this
configuration case expected?
# I believe that even in case that answer to question above is `yes`, then we should not
change default security provider, which in this case it should be JSSE.
Hope I don't have any misconfiguration in the configuration itself.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)