Poodle issue fix needed for the jboss-eap-6.0
arkarthickraja Feb 5, 2016 12:40 PMHi,
I am using jboss-eap-6.0 and java version "1.8.0_51" , we were earlier using the SSL connection earler whcih was working fine and now trying to switch to TLS , to overcome the Poodle vulnerability.
After referring few articles i have added the ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA" in standalone.xml file, but getting the below error, can some one please help me to resolve the issue.
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
<connector name="https" protocol="HTTP/1.1" scheme="https" ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA" socket-binding="https" enable-lookups="false" secure="true">
<ssl name="https" key-alias="server" password="$PASSWORD_HERE}" certificate-key-file="CERT_FILE" protocol="TLSv1.2" verify-client="false" certificate-file="CERT_FILE" ca-certificate-file="CERT_FILE_LCOATION"/>
</connector>
<virtual-server name="default-host" enable-welcome-root="true">
<alias name="localhost"/>
<alias name="example.com"/>
</virtual-server>
</subsystem>
Please note i have replaced password,certificate related attribute values for security reason here.
Error log :
16:40:35,675 DEBUG [org.jboss.as.config] VM Arguments: -D[Standalone] -XX:+UseCompressedOops -Xms2250m -Xmx2250m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djboss.modules.system.pkgs= -Djava.awt.headless=true -Djboss.server.default.config=standalone.xml -Dorg.jboss.boot.log.file=/Boot_FILE_PATH/boot.log -Dlogging.configuration=file:/FILE_PATH/logging.properties
16:40:36,509 ERROR [org.jboss.as.server] JBAS015956: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: JBAS014676: Failed to parse configuration
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:141) [jboss-as-controller-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.jboss.as.server.ServerService.boot(ServerService.java:270) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:156) [jboss-as-controller-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_09]
Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[186,13]
Message: JBAS014788: Unexpected attribute 'ciphers' encountered
at org.jboss.as.controller.parsing.ParseUtils.unexpectedAttribute(ParseUtils.java:104) [jboss-as-controller-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.jboss.as.web.WebSubsystemParser.parseConnector(WebSubsystemParser.java:820)
at org.jboss.as.web.WebSubsystemParser.readElement(WebSubsystemParser.java:325)
at org.jboss.as.web.WebSubsystemParser.readElement(WebSubsystemParser.java:65)
at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:110) [staxmapper-1.1.0.Final-redhat-1.jar:1.1.0.Final-redhat-1]
at org.jboss.staxmapper.XMLExtendedStreamReaderImpl.handleAny(XMLExtendedStreamReaderImpl.java:69) [staxmapper-1.1.0.Final-redhat-1.jar:1.1.0.Final-redhat-1]
at org.jboss.as.server.parsing.StandaloneXml.parseServerProfile(StandaloneXml.java:905) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.jboss.as.server.parsing.StandaloneXml.readServerElement_1_1(StandaloneXml.java:331) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:127) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:99) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:110) [staxmapper-1.1.0.Final-redhat-1.jar:1.1.0.Final-redhat-1]
at org.jboss.staxmapper.XMLMapperImpl.parseDocument(XMLMapperImpl.java:69) [staxmapper-1.1.0.Final-redhat-1.jar:1.1.0.Final-redhat-1]
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:133) [jboss-as-controller-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]
... 3 more
16:40:36,518 FATAL [org.jboss.as.server] JBAS015957: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.