Check encryption protocol & cipher suite configuration against currently available ones.
Description
By default, Openfire uses a default set of encryption protocols and cipher suites. An administrator can override these defaults with a list of his own. Typically, that list is composed from broader lists of supported protocols/cipher suites, also exposed by Openfire.
However, it is possible to manually add protocols and/or cipher suites that are not supported at all - or, when a different JRE is installed, the list of supported protocols/cipher suites might change, which could also introduce illegal/unsupported values in the administrative override.
When an administrative override is used, a check should be performed to see if each entry is currently supported by the JVM.
Environment
None
Activity
Show:
Guus der Kinderen March 23, 2016 at 7:37 PM
This issue is likely responsible for the logged error messages like these:
By default, Openfire uses a default set of encryption protocols and cipher suites. An administrator can override these defaults with a list of his own. Typically, that list is composed from broader lists of supported protocols/cipher suites, also exposed by Openfire.
However, it is possible to manually add protocols and/or cipher suites that are not supported at all - or, when a different JRE is installed, the list of supported protocols/cipher suites might change, which could also introduce illegal/unsupported values in the administrative override.
When an administrative override is used, a check should be performed to see if each entry is currently supported by the JVM.