Bug #12380
closed
Task #11847: APIM 420 related bugs and improvements
API publishing is getting fail when ignoreHostnameVerification flag is false
100%
Description
In a cloud deployment, the ignoreHostnameVerification flag must be false.
Inside:
Hostname verification is a little known part of HTTPS that involves a server identity check to ensure that the client is talking to the correct server and has not been redirected by a man in the middle attack
Updated by Rajitha Kumara 2 months ago
- % Done changed from 0 to 100
- Type set to Platform
Fix : https://github.com/entgra/device-mgt-core/pull/21, https://github.com/entgra-proprietary/product-uem/pull/7
Starting with Java 8u31, SSLv3 was disabled by default in Java. Later versions, including Java 11 and beyond, completely removed support for SSLv3. (security vulnerability - AKA POODLE)
The followings were carried out,- Removed deprecated okhttp ssl socket factory creation method and updated it to newer.
- Fix OSGi issues when package activating
- Update transport layer security to TLSv1.2 standards (removed SSLv3)
Updated by Rajitha Kumara 2 months ago
Updated by Arshana Atapattu about 2 months ago
- Status changed from QA Accept to Closed
Closing due to QA accept
Updated by Rajitha Kumara about 2 months ago
Make sure to define the tls.protocol system property in the iot-server script.