![]() |
|
|
|
|
Issue Type:
|
![Improvement]() Improvement
|
|
Affects Versions:
|
current |
|
Assignee:
|
Unassigned |
|
Components:
|
core |
|
Created:
|
22/Jul/14 1:40 PM
|
|
Description:
|
sslscan detects following weak (<128bits) ciphers (when using jetty/https):
Supported Server Cipher(s):
Accepted SSLv3 56 bits EDH-RSA-DES-CBC-SHA
Accepted SSLv3 56 bits DES-CBC-SHA
Accepted SSLv3 40 bits EXP-EDH-RSA-DES-CBC-SHA
Accepted SSLv3 40 bits EXP-DES-CBC-SHA
Accepted SSLv3 40 bits EXP-RC4-MD5
Accepted TLSv1 56 bits EDH-RSA-DES-CBC-SHA
Accepted TLSv1 56 bits DES-CBC-SHA
Accepted TLSv1 40 bits EXP-EDH-RSA-DES-CBC-SHA
Accepted TLSv1 40 bits EXP-DES-CBC-SHA
Accepted TLSv1 40 bits EXP-RC4-MD5
Some IT departements are rather strict and do not allow weak ciphers.
An option in /etc/default/jenkins allowing to set jetty's 'excludeCipherSuites' (or to disable all weak ciphers) would be great.
|
|
Environment:
|
Debian wheezy amd64
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Major]() Major
|
|
Reporter:
|
aeschbacher
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit
https://groups.google.com/d/optout.
