Menu
▾
▴
ejbca-develop
|
From: Michael S. <mi...@st...> - 2013-10-21 09:49:40
|
HI! We're running ejbca 4.0.11 with jboss-5.1.0.GA. Any chance to get this setup working with an update to OpenJDK 7? Ciao, Michael. |
|
From: Tomas G. <to...@pr...> - 2013-10-21 15:03:10
|
It's programming, everything is possible :-). Realistically though, probably not. Jboss 5.1.0.ga does not start on JDK 7. Cheers, Tomas "Michael Ströder" <mi...@st...> wrote: >HI! > >We're running ejbca 4.0.11 with jboss-5.1.0.GA. >Any chance to get this setup working with an update to OpenJDK 7? > >Ciao, Michael. > > > >------------------------------------------------------------------------------ >October Webinars: Code for Performance >Free Intel webinars can help you accelerate application performance. >Explore tips for MPI, OpenMP, advanced profiling, and more. Get the >most from >the latest Intel processors and coprocessors. See abstracts and >register > >http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk >_______________________________________________ >Ejbca-develop mailing list >Ejb...@li... >https://lists.sourceforge.net/lists/listinfo/ejbca-develop -- PrimeKey Solutions AB Internet: www.primekey.se Twitter: twitter.com/primekeyPKI Mob: +46 (0)707421096 |
|
From: Michael S. <mi...@st...> - 2013-10-21 15:52:15
|
On Mon, 21 Oct 2013 17:02:53 +0200 Tomas Gustavsson <to...@pr...> wrote > It's programming, everything is possible :-). Realistically though, > probably not. Jboss 5.1.0.ga does not start on JDK 7. Thanks for your quick answer. So for updating to JDK7 due to recent security issues and EOL of JDK6 one has to update JBOSS too. But what about community version ejbca 4.0.x itself? Would this run on JDK7? Ciao, Michael. |
|
From: Tomas G. <to...@pr...> - 2013-10-21 17:56:49
|
It is only Oracle JDK 6 that is eol, open JDK is still supported by RedHat etc. RedHat have patches for jboss 5 to run with JDK 7, as for EJBCA 4, I do not know. EJBCA will come with we releases later this year. Cheers, Tomas "Michael Ströder" <mi...@st...> wrote: >On Mon, 21 Oct 2013 17:02:53 +0200 Tomas Gustavsson <to...@pr...> >wrote >> It's programming, everything is possible :-). Realistically though, >> probably not. Jboss 5.1.0.ga does not start on JDK 7. > >Thanks for your quick answer. > >So for updating to JDK7 due to recent security issues and EOL of JDK6 >one has >to update JBOSS too. > >But what about community version ejbca 4.0.x itself? >Would this run on JDK7? > >Ciao, Michael. > > > >------------------------------------------------------------------------------ >October Webinars: Code for Performance >Free Intel webinars can help you accelerate application performance. >Explore tips for MPI, OpenMP, advanced profiling, and more. Get the >most from >the latest Intel processors and coprocessors. See abstracts and >register > >http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk >_______________________________________________ >Ejbca-develop mailing list >Ejb...@li... >https://lists.sourceforge.net/lists/listinfo/ejbca-develop -- PrimeKey Solutions AB Internet: www.primekey.se Twitter: twitter.com/primekeyPKI Mob: +46 (0)707421096 |
|
From: Tomas G. <to...@pr...> - 2013-10-21 18:14:09
|
For more information, see the blog series about EJBCA 6 at http://blog.ejbca.se/ /Tomas Tomas Gustavsson <to...@pr...> wrote: >It is only Oracle JDK 6 that is eol, open JDK is still supported by >RedHat etc. RedHat have patches for jboss 5 to run with JDK 7, as for >EJBCA 4, I do not know. >EJBCA will come with we releases later this year. > >Cheers, >Tomas > > >"Michael Ströder" <mi...@st...> wrote: >>On Mon, 21 Oct 2013 17:02:53 +0200 Tomas Gustavsson ><to...@pr...> >>wrote >>> It's programming, everything is possible :-). Realistically though, > >>> probably not. Jboss 5.1.0.ga does not start on JDK 7. >> >>Thanks for your quick answer. >> >>So for updating to JDK7 due to recent security issues and EOL of JDK6 >>one has >>to update JBOSS too. >> >>But what about community version ejbca 4.0.x itself? >>Would this run on JDK7? >> >>Ciao, Michael. >> >> >> >>------------------------------------------------------------------------------ >>October Webinars: Code for Performance >>Free Intel webinars can help you accelerate application performance. >>Explore tips for MPI, OpenMP, advanced profiling, and more. Get the >>most from >>the latest Intel processors and coprocessors. See abstracts and >>register > >>http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk >>_______________________________________________ >>Ejbca-develop mailing list >>Ejb...@li... >>https://lists.sourceforge.net/lists/listinfo/ejbca-develop > >-- >PrimeKey Solutions AB >Internet: www.primekey.se >Twitter: twitter.com/primekeyPKI >Mob: +46 (0)707421096 > >------------------------------------------------------------------------ > >------------------------------------------------------------------------------ >October Webinars: Code for Performance >Free Intel webinars can help you accelerate application performance. >Explore tips for MPI, OpenMP, advanced profiling, and more. Get the >most from >the latest Intel processors and coprocessors. See abstracts and >register > >http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk > >------------------------------------------------------------------------ > >_______________________________________________ >Ejbca-develop mailing list >Ejb...@li... >https://lists.sourceforge.net/lists/listinfo/ejbca-develop -- PrimeKey Solutions AB Internet: www.primekey.se Twitter: twitter.com/primekeyPKI Mob: +46 (0)707421096 |
|
From: Michael S. <mi...@st...> - 2013-10-23 20:32:08
Attachments:
smime.p7s
|
Tomas Gustavsson wrote: > It is only Oracle JDK 6 that is eol, open JDK is still supported by RedHat > etc. RedHat have patches for jboss 5 to run with JDK 7, as for EJBCA 4, I > do not know. EJBCA will come with we releases later this year. The RHEL pages for the Java security flaws are: https://access.redhat.com/security/cve/CVE-2013-5830 https://access.redhat.com/security/cve/CVE-2013-5782 Both lists the same errata pages which all mention java-1.7.0-openjdk or java-1.7.0-oracle as security fixes (even for RHEL5). So the big question is whether ejbca 4.0.x runs with e.g java-1.7.0-openjdk. Maybe I'm not familiar enough with JDK version numbering though. Ciao, Michael. |
|
From: Tomas G. <to...@pr...> - 2013-10-24 04:30:19
|
You will just have to try it out, I do not know. EJBCA 5 has been tested with JDK 7, that I know. I haven't tested EJBCA 4 myself at least, perhaps someone else has? You should of course make a risk assessment on your particular setup, to know the attack vectors on your system. It differs a lot between different configurations. Cheers, Tomas "Michael Ströder" <mi...@st...> wrote: >Tomas Gustavsson wrote: >> It is only Oracle JDK 6 that is eol, open JDK is still supported by >RedHat >> etc. RedHat have patches for jboss 5 to run with JDK 7, as for EJBCA >4, I >> do not know. EJBCA will come with we releases later this year. > >The RHEL pages for the Java security flaws are: > >https://access.redhat.com/security/cve/CVE-2013-5830 >https://access.redhat.com/security/cve/CVE-2013-5782 > >Both lists the same errata pages which all mention java-1.7.0-openjdk >or >java-1.7.0-oracle as security fixes (even for RHEL5). > >So the big question is whether ejbca 4.0.x runs with e.g >java-1.7.0-openjdk. >Maybe I'm not familiar enough with JDK version numbering though. > >Ciao, Michael. -- PrimeKey Solutions AB Internet: www.primekey.se Twitter: twitter.com/primekeyPKI Mob: +46 (0)707421096 |
|
From: Michael S. <mi...@st...> - 2013-10-24 07:43:06
Attachments:
smime.p7s
|
Tomas Gustavsson wrote: > You will just have to try it out, I do not know. EJBCA 5 has been tested > with JDK 7, that I know. I haven't tested EJBCA 4 myself at least, perhaps > someone else has? I'd also like to hear from others how they upgrade their Java installation. > You should of course make a risk assessment on your particular setup, to > know the attack vectors on your system. It differs a lot between different > configurations. Risk assessment is pretty difficult in this case: Oracle currently still keeps details secret. The only information we have is that there are two security issues listed with CVSS v2 Base Score 10.0 which also affect server deployments. I really wonder how others are dealing with that. Ciao, Michael. > "Michael Ströder" <mi...@st...> wrote: >> Tomas Gustavsson wrote: >>> It is only Oracle JDK 6 that is eol, open JDK is still supported by >> RedHat >>> etc. RedHat have patches for jboss 5 to run with JDK 7, as for EJBCA >> 4, I >>> do not know. EJBCA will come with we releases later this year. >> >> The RHEL pages for the Java security flaws are: >> >> https://access.redhat.com/security/cve/CVE-2013-5830 >> https://access.redhat.com/security/cve/CVE-2013-5782 >> >> Both lists the same errata pages which all mention java-1.7.0-openjdk >> or >> java-1.7.0-oracle as security fixes (even for RHEL5). >> >> So the big question is whether ejbca 4.0.x runs with e.g >> java-1.7.0-openjdk. >> Maybe I'm not familiar enough with JDK version numbering though. >> >> Ciao, Michael. |
