1 Reply Latest reply on Feb 5, 2016 12:51 PM by Tomaz Cerar

    Poodle issue fix needed for the jboss-eap-6.0

    Karthikraja R Newbie

      Hi,

      I am using jboss-eap-6.0 and  java version "1.8.0_51" , we were earlier using the SSL connection earler whcih was working fine and now trying to switch to TLS , to overcome the Poodle vulnerability.

      After referring few articles i have added the ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA" in standalone.xml file, but getting the below  error, can some one please help me to resolve the issue.

       

      <subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">

                  <connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>

                  <connector name="https" protocol="HTTP/1.1" scheme="https" ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA" socket-binding="https" enable-lookups="false" secure="true">

                      <ssl name="https" key-alias="server" password="$PASSWORD_HERE}" certificate-key-file="CERT_FILE"  protocol="TLSv1.2" verify-client="false" certificate-file="CERT_FILE" ca-certificate-file="CERT_FILE_LCOATION"/>

                  </connector>

                  <virtual-server name="default-host" enable-welcome-root="true">

                      <alias name="localhost"/>

                      <alias name="example.com"/>

                  </virtual-server>

              </subsystem>

      Please note i have replaced password,certificate related attribute values for security reason here.

       

      Error log :

      16:40:35,675 DEBUG [org.jboss.as.config] VM Arguments: -D[Standalone] -XX:+UseCompressedOops -Xms2250m -Xmx2250m -XX:MaxPermSize=256m -Djava.net.preferIPv4Stack=true -Dorg.jboss.resolver.warning=true -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djboss.modules.system.pkgs= -Djava.awt.headless=true -Djboss.server.default.config=standalone.xml -Dorg.jboss.boot.log.file=/Boot_FILE_PATH/boot.log -Dlogging.configuration=file:/FILE_PATH/logging.properties

      16:40:36,509 ERROR [org.jboss.as.server] JBAS015956: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: JBAS014676: Failed to parse configuration

      at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:141) [jboss-as-controller-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      at org.jboss.as.server.ServerService.boot(ServerService.java:270) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:156) [jboss-as-controller-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_09]

      Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[186,13]

      Message: JBAS014788: Unexpected attribute 'ciphers' encountered

      at org.jboss.as.controller.parsing.ParseUtils.unexpectedAttribute(ParseUtils.java:104) [jboss-as-controller-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      at org.jboss.as.web.WebSubsystemParser.parseConnector(WebSubsystemParser.java:820)

      at org.jboss.as.web.WebSubsystemParser.readElement(WebSubsystemParser.java:325)

      at org.jboss.as.web.WebSubsystemParser.readElement(WebSubsystemParser.java:65)

      at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:110) [staxmapper-1.1.0.Final-redhat-1.jar:1.1.0.Final-redhat-1]

      at org.jboss.staxmapper.XMLExtendedStreamReaderImpl.handleAny(XMLExtendedStreamReaderImpl.java:69) [staxmapper-1.1.0.Final-redhat-1.jar:1.1.0.Final-redhat-1]

      at org.jboss.as.server.parsing.StandaloneXml.parseServerProfile(StandaloneXml.java:905) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      at org.jboss.as.server.parsing.StandaloneXml.readServerElement_1_1(StandaloneXml.java:331) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:127) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:99) [jboss-as-server-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:110) [staxmapper-1.1.0.Final-redhat-1.jar:1.1.0.Final-redhat-1]

      at org.jboss.staxmapper.XMLMapperImpl.parseDocument(XMLMapperImpl.java:69) [staxmapper-1.1.0.Final-redhat-1.jar:1.1.0.Final-redhat-1]

      at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:133) [jboss-as-controller-7.1.2.Final-redhat-1.jar:7.1.2.Final-redhat-1]

      ... 3 more

       

       

      16:40:36,518 FATAL [org.jboss.as.server] JBAS015957: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.