[#PETALSDISTRIB-472] Moved SSL certificate keys from DSA to RSA - Petals Link JIRA

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 5.2.0, CP-5.2.0
Fix Version/s: 5.3.0, CP-5.3.0
Component/s: Clients, Components, Container, Packaging, Registry Overlay, Shared library, Tools
Security Level: Public

Description:

Hide

By default with Java 11, TLSv1.3 is activated for SSL. As DSA certificates are not supported anymore in TLS1.3, new SSL certificates must be created and used based on RSA.

See: https://stackoverflow.com/questions/57601284/java-11-and-12-ssl-sockets-fail-on-a-handshake-failure-error-with-tlsv1-3-enable

Show
By default with Java 11, TLSv1.3 is activated for SSL. As DSA certificates are not supported anymore in TLS1.3, new SSL certificates must be created and used based on RSA. See: https://stackoverflow.com/questions/57601284/java-11-and-12-ssl-sockets-fail-on-a-handshake-failure-error-with-tlsv1-3-enable

Environment:

-

Issue Links

Depends

This issue blocks:
~~PETALSBCSOAP-221~~ Move to Java 11
~~PETALSDISTRIB-416~~ Move to Java 11

Activity

Ascending order - Click to sort in descending order

Christophe DENEUX made changes - Fri, 5 Mar 2021 - 10:14:11 +0100

Field	Original Value	New Value
Status	New [ 10000 ]	Open [ 10002 ]
Priority		Major [ 3 ]

Christophe DENEUX made changes - Fri, 5 Mar 2021 - 10:14:14 +0100

Status

Open [ 10002 ]

In Progress [ 10003 ]

Christophe DENEUX made changes - Fri, 5 Mar 2021 - 10:14:26 +0100

Link

This issue blocks ~~PETALSDISTRIB-416~~ [ ~~PETALSDISTRIB-416~~ ]

Christophe DENEUX made changes - Fri, 5 Mar 2021 - 10:14:48 +0100

Description

By default with Java 11, TLSv1.3 is activated for SSL. As DSA certificates are not supported anymore in TLS1.3, new SSL certificates must be created and used based on RSA.

By default with Java 11, TLSv1.3 is activated for SSL. As DSA certificates are not supported anymore in TLS1.3, new SSL certificates must be created and used based on RSA.

See: https://stackoverflow.com/questions/57601284/java-11-and-12-ssl-sockets-fail-on-a-handshake-failure-error-with-tlsv1-3-enable

Christophe DENEUX made changes - Fri, 5 Mar 2021 - 10:15:53 +0100

Link

This issue blocks ~~PETALSBCSOAP-221~~ [ ~~PETALSBCSOAP-221~~ ]

Hide

Permalink

Christophe DENEUX added a comment - Fri, 5 Mar 2021 - 10:16:36 +0100

SSL certificate key of unit tests of Petals BC SOAP upgraded in trunk

Show

Christophe DENEUX added a comment - Fri, 5 Mar 2021 - 10:16:36 +0100 SSL certificate key of unit tests of Petals BC SOAP upgraded in trunk

Christophe DENEUX made changes - Fri, 5 Mar 2021 - 10:16:36 +0100

Status	In Progress [ 10003 ]	Resolved [ 10004 ]
Fix Version/s		5.3.0 [ 10908 ]
Fix Version/s		CP-5.3.0 [ 10909 ]
Resolution		Fixed [ 1 ]

Transition

Status Change Time

Execution Times

Last Executer

Last Execution Date

New

Open

Christophe DENEUX

Fri, 5 Mar 2021 - 10:14:11 +0100

Open

In Progress

Christophe DENEUX

Fri, 5 Mar 2021 - 10:14:14 +0100

In Progress

Resolved

2m 22s

Christophe DENEUX

Fri, 5 Mar 2021 - 10:16:36 +0100

People

Assignee:

Christophe DENEUX

Reporter:

Christophe DENEUX
Watchers:

0

Dates

Created:

Fri, 5 Mar 2021 - 10:14:03 +0100

Updated:

Fri, 5 Mar 2021 - 10:16:36 +0100

Resolved:

Fri, 5 Mar 2021 - 10:16:36 +0100

Petals Distribution

Moved SSL certificate keys from DSA to RSA

Details

Issue Links

Activity

People

Dates