Admins should be able to configure cryptographical protocols & cypher suites

Description

The cryptographical protocols & cypher suites that we allow is now based on a hardcoded list. Administrative users should be able to configure this instead.

Environment

None

Linked work items

is related to

OF-509

Unable to disable weak ciphers

Activity

Show:

Guus der Kinderen January 7, 2016 at 10:09 PM

i18n in https://github.com/igniterealtime/Openfire/pull/499

Guus der Kinderen January 7, 2016 at 7:08 AM

Yes, it's already in the source.

On the admin panel, open one of the pages that configures connections (for example Server -> Server Settings -> Client Connections). Per port, there now is an "advanced settings" link. Click on that, scroll down (certificate settings won't be shown unless you have STARTTLS disabled in a plain-content connection. In that case, toggling the STARTTLS setting will make more options appear).

wroot January 7, 2016 at 4:41 AM

Is this already applied to the source and if so, where exactly in Admin Console are these settings?

Guus der Kinderen January 5, 2016 at 11:15 AM

Functionality has been added to the admin console. Further i18n is needed.

Resize issue view side panel

Fixed

Assignee

Guus der Kinderen

Reporter

Guus der Kinderen

Components

Fix versions

4.0.0

Priority

Minor

Created October 22, 2015 at 10:49 AM

Updated January 7, 2016 at 10:09 PM

Resolved January 7, 2016 at 10:09 PM