From 14b418e5285f014f07b6fc28ac1e15a71567eff5 Mon Sep 17 00:00:00 2001 From: 11rx4f Date: Wed, 6 Oct 2021 18:34:43 +0900 Subject: [PATCH] Fix #23650 SSLHandshakeException occured when execute start-domain after enable-secure-admin Signed-off-by: 11rx4f --- .../ssl/SSLClientConfigurator.java | 10 +++++++ .../admin/mbeanserver/ssl/SSLParams.java | 27 +++++++++++++++++++ 2 files changed, 37 insertions(+) diff --git a/nucleus/common/mbeanserver/src/main/java/org/glassfish/admin/mbeanserver/ssl/SSLClientConfigurator.java b/nucleus/common/mbeanserver/src/main/java/org/glassfish/admin/mbeanserver/ssl/SSLClientConfigurator.java index c35930e0a9b..a4a47a49f05 100644 --- a/nucleus/common/mbeanserver/src/main/java/org/glassfish/admin/mbeanserver/ssl/SSLClientConfigurator.java +++ b/nucleus/common/mbeanserver/src/main/java/org/glassfish/admin/mbeanserver/ssl/SSLClientConfigurator.java @@ -1,5 +1,6 @@ /* * Copyright (c) 1997, 2018 Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2021 Contributors to the Eclipse Foundation * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License v. 2.0, which is available at @@ -402,6 +403,15 @@ private void configureCiphersAndProtocols() { if (sslParams.getTlsEnabled()) { tmpSSLArtifactsList.add("TLSv1"); } + if (sslParams.getTls11Enabled()) { + tmpSSLArtifactsList.add("TLSv1.1"); + } + if (sslParams.getTls12Enabled()) { + tmpSSLArtifactsList.add("TLSv1.2"); + } + if (sslParams.getTls13Enabled()) { + tmpSSLArtifactsList.add("TLSv1.3"); + } if (sslParams.getSsl3Enabled() || sslParams.getTlsEnabled()) { tmpSSLArtifactsList.add("SSLv2Hello"); } diff --git a/nucleus/common/mbeanserver/src/main/java/org/glassfish/admin/mbeanserver/ssl/SSLParams.java b/nucleus/common/mbeanserver/src/main/java/org/glassfish/admin/mbeanserver/ssl/SSLParams.java index fd09c7d835d..1bcdcb750a0 100644 --- a/nucleus/common/mbeanserver/src/main/java/org/glassfish/admin/mbeanserver/ssl/SSLParams.java +++ b/nucleus/common/mbeanserver/src/main/java/org/glassfish/admin/mbeanserver/ssl/SSLParams.java @@ -1,5 +1,6 @@ /* * Copyright (c) 1997, 2018 Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2021 Contributors to the Eclipse Foundation * * This program and the accompanying materials are made available under the * terms of the Eclipse Public License v. 2.0, which is available at @@ -61,6 +62,9 @@ public class SSLParams { private Boolean ssl3Enabled = true; private String ssl3TlsCiphers; private Boolean tlsEnabled=true; + private Boolean tls11Enabled=true; + private Boolean tls12Enabled=true; + private Boolean tls13Enabled=true; private Boolean tlsRollBackEnabled=false; @@ -295,10 +299,33 @@ public Boolean getTlsEnabled() { return tlsEnabled; } + public Boolean getTls11Enabled() { + return tls11Enabled; + } + + public Boolean getTls12Enabled() { + return tls12Enabled; + } + + public Boolean getTls13Enabled() { + return tls13Enabled; + } + public void setTlsEnabled(String tlsEnabled) { this.tlsEnabled = Boolean.parseBoolean(tlsEnabled); } + public void setTls11Enabled(String tls11Enabled) { + this.tls11Enabled = Boolean.parseBoolean(tls11Enabled); + } + + public void setTls12Enabled(String tls12Enabled) { + this.tls12Enabled = Boolean.parseBoolean(tls12Enabled); + } + + public void setTls13Enabled(String tls13Enabled) { + this.tls13Enabled = Boolean.parseBoolean(tls13Enabled); + } /** * Determines whether TLS rollback is enabled. TLS rollback should be enabled for Microsoft Internet Explorer 5.0