Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[LabKey Cloud] issue 49843: update ciphers #73

Merged
merged 8 commits into from
Mar 18, 2024
Merged

[LabKey Cloud] issue 49843: update ciphers #73

merged 8 commits into from
Mar 18, 2024

Conversation

labkey-willm
Copy link
Contributor

@labkey-willm labkey-willm commented Mar 13, 2024
edited
Loading

Rationale

https://www.labkey.org/home/Developer/issues/Secure/issues-details.view?issueId=49843

default ciphers were out of date for tomcat 10. Updated per: https://tomcat.apache.org/tomcat-10.1-doc/config/http.html#SSL_Support_-_SSLHostConfig

also, latest docker-compose was resolving all the IDENT vars in the docker-compose.yml at once, so it thought there were conflicts. Had to uniquify.

Related Pull Requests

Changes

@labkey-willm labkey-willm self-assigned this Mar 13, 2024
@labkey-willm labkey-willm changed the title update ciphers issue 49843: update ciphers Mar 13, 2024
@labkey-willm labkey-willm changed the title issue 49843: update ciphers [LabKey Cloud] issue 49843: update ciphers Mar 13, 2024
labkey-jeckels
labkey-jeckels approved these changes Mar 15, 2024
View reviewed changes
Copy link
Contributor

@labkey-jeckels labkey-jeckels left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll capture more detailed feedback in the issue, but I can't see a way to get an A rating from SSL Labs without getting a warning from Tomcat. I hate the spam in the log, but if I have to choose, I'd rather improve security than suppress the log message.

Dockerfile Outdated Show resolved Hide resolved
application.properties Outdated Show resolved Hide resolved
application.properties Show resolved Hide resolved
docker-compose.yml Outdated Show resolved Hide resolved
labkey-willm and others added 3 commits March 15, 2024 15:17
@labkey-willm @labkey-jeckels
Update Dockerfile with suggested ciphers
15df259 
Co-authored-by: Josh Eckels <jeckels@labkey.com>
@labkey-willm @labkey-jeckels
Update application.properties with suggested ciphers
dad9a95 
Co-authored-by: Josh Eckels <jeckels@labkey.com>
@labkey-willm
revert accidental logging change
5ca8364
@labkey-willm labkey-willm merged commit a800169 into release24.3-SNAPSHOT Mar 18, 2024
1 check passed
@labkey-willm labkey-willm deleted the 24.3_fb_24.3_update_ciphers branch March 18, 2024 16:34
This was referenced Mar 22, 2024
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@labkey-jeckels labkey-jeckels labkey-jeckels approved these changes

@labkey-stuartm labkey-stuartm labkey-stuartm approved these changes

Assignees

@labkey-willm labkey-willm

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@labkey-willm @labkey-jeckels @labkey-stuartm @labkey-teamcity