Logstash Lumberjack uses insecure cipher


(Felix Wong) #1

We use Lumberjack as an input in Logstash 2.4. It looks like it requires the 3DES cipher. If 3DES_EDE_CBC and DESede are disabled on the JRE running Logstash, Logstash could not be started. If 3DES_EDE_CBC and DESede are disabled on the client side, the SSL connection cannot be established. However, the 3DES cipher is now considered not secure. (See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183)

Output from openssl:

SSL-Session:
Protocol : TLSv1
Cipher : EDH-RSA-DES-CBC3-SHA
Session-ID: 592768FB4E13719858CA0D20595306342EE86B909764ACF68FE66923A735E97E
Session-ID-ctx:
Master-Key: C28BED0AD429B4750C9968CBD979FF5C11B2BC5E9E99AF5E2B6312756346825321AFA18DBB62A801560EC9D8FC1FBC17
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1495755002
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)

Should I open an issue?
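
A check for the situation described in the post above, as an added example that is not part of the original post or of Logstash: it parses the SSL-Session block printed by `openssl s_client` and flags a negotiated 3DES suite (the cipher class covered by CVE-2016-2183). The function names and both shortened samples are constructed for illustration.

```python
import re

# Constructed sample: Protocol and Cipher fields as quoted in the post
# above (the other session fields are omitted).
SAMPLE = """\
SSL-Session:
    Protocol  : TLSv1
    Cipher    : EDH-RSA-DES-CBC3-SHA
"""

# Constructed sample, assuming s_client reports cipher 0000 when no
# suite could be agreed (e.g. 3DES disabled on one side only).
FAILED = """\
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
"""

# 3DES suites are named with "DES-CBC3" by OpenSSL and with
# "3DES_EDE_CBC" in the IANA/JSSE style used in the post.
TRIPLE_DES_MARKERS = ("DES-CBC3", "3DES_EDE_CBC")


def parse_session(text):
    """Return the 'Key : value' fields of an s_client SSL-Session block."""
    fields, in_block = {}, False
    for line in text.splitlines():
        if line.strip() == "SSL-Session:":
            in_block = True
        elif in_block:
            m = re.match(r"\s*([A-Za-z][A-Za-z \-]*?)\s*:\s*(.*)$", line)
            if not m:
                break  # blank line, '---' or hex dump ends the fields
            fields[m.group(1)] = m.group(2).strip()
    return fields


def uses_3des(cipher):
    """True when the suite name identifies a 3DES cipher."""
    return any(marker in cipher.upper() for marker in TRIPLE_DES_MARKERS)


def check(text):
    """Summarise the session: protocol, cipher, handshake result, 3DES flag."""
    s = parse_session(text)
    cipher = s.get("Cipher", "")
    return {"protocol": s.get("Protocol"), "cipher": cipher,
            "handshake_ok": cipher not in ("", "0000", "(NONE)"),
            "triple_des": uses_3des(cipher)}
```

Feeding it the captured output of an `openssl s_client` run against the Lumberjack port lets the result be tracked after each change to the JRE's disabled algorithms.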

