Uploaded image for project: 'PUBLIC - Liferay Portal Enterprise Edition'
  1. PUBLIC - Liferay Portal Enterprise Edition
  2. LPE-16580

[TLS] Outbound HTTPS connections do not honor https.protocols system property

    Details

    • Fix Pack Status:
      Scheduled
    • 7.0 Fix Pack Version:
      64
    • 7.1 Fix Pack Version:
      4

      Description

      Please visit https://help.liferay.com/hc/en-us/articles/360019140811 or https://community.liferay.com/blogs/-/blogs/liferay-security-announcement-tls-v1-0 for further information.

      The following Java system properties are now supported and have been added to 'system.properties':

      ##
      ## HTTPS
      ##
      
          #
          # Input a list of comma delimited HTTPS cipher suites allowed for HTTPS
          # connection to a 3rd party server.
          #
          #https.cipherSuites=
      
          #
          # Input a list of comma delimited protocols allowed for HTTPS connection to
          # a 3rd party server. For example -Dhttps.protocols=TLSv1.1,TLSv1.2 disables
          # outbound TLS 1.0 connections.
          #
          #https.protocols=
      

      When do you need this fix?

      • Deployments running on Java 8 may want to apply this fix to disable TLS 1.0 for outbound HTTPS requests. TLS 1.1 and 1.2 are enabled by default in Java 8. >>> Recommended.
      • Deployments running on Java 7 requires this fix in order to enable TLS 1.1/1.2 (and also to disable TLS 1.0) for outbound HTTPS connections unless using Java 7u111. >>> Required.

        Attachments

          Activity

            People

            • Assignee:
              joshua.cords Joshua Cords
              Reporter:
              EnterpriseReleaseHU Enterprise Release HU
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Packages

                Version Package
                6.1.X EE
                6.2.X EE
                7.0.X EE
                7.1.x EE