Details

      Description

      We're getting unit test failures in Jenkins resulting from Java 1.7.0 Update 75. In the release notes [1], and CVE-2014-3566 [2] they mention the following:

      Starting with the January 20, 2015 Critical Patch Update releases (JDK 8u31, JDK 7u75, JDK 6u91 and above) the Java Runtime Environment has SSLv3 disabled by default.

      And

      SSLv3 is disabled by default
      Starting with JDK 7u75 release, the SSLv3 protocol (Secure Socket Layer) has been deactivated and is not available by default. See the java.security.Security property jdk.tls.disabledAlgorithms in <JRE_HOME>/lib/security/java.security file.

      If SSLv3 is absolutely required, the protocol can be reactivated by removing "SSLv3" from the jdk.tls.disabledAlgorithms property in the java.security file or by dynamically setting this Security property to "true" before JSSE is initialized.

      [1]: http://www.oracle.com/technetwork/java/javase/7u75-relnotes-2389086.html
      [2]: http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                jeff Jeff McCune
                QA Contact:
                Stan Duffy
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Zendesk Support