Deutsch | English

[Ach] Recommendation for PuppetDB / JDK

Aaron Zauner azet at azet.org
Fri Nov 21 14:47:27 CET 2014


Hi Tim

Tim wrote:
> Hey guys,
> 
> first of all, thanks for your greate guide!
> 
> I'm running PuppetDB which is a software running in a JVM. It supports
> SSL crypted connections
> (https://docs.puppetlabs.com/puppetdb/latest/configure.html#cipher-suites)
> and uses the JDK crypto provider
> (https://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html#SupportedCipherSuites
> ). Can anybody of you recommend secure settings for PuppetDB/JDK in general?

Is there anything that the recommendations in our paper do not reflect
w.r.t. PuppetDB? I use it myself, it's pretty much just setting the
proper JVM ciphersettings. If you use Java7-8 there should not be much
of an issue.

Aaron

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20141121/b89a3db2/attachment.sig>


More information about the Ach mailing list
Kontakt
Email: reports@cert.at
Tel.: +43 1 5056416 78
mehr ...
Warnungen
mehr ...
Blog
mehr ...
Jahresbericht 2017
Ein Resumee zur digitalen Sicherheitslage in Österreich

(HTML, PDF).
Letzte Änderung: 2018/5/28 - 15:00:00
Haftungsausschluss / Datenschutzerklärung