TLS settings not taking because jvmsecurity.properties is a relative path

So on the message processor, to restrict protocols, you have to add a property in message-processor.properties like below:

# Possible values are a comma-delimited list of SSLv3, TLSv1, TLSv1.1, TLSv1.2# Ensure that you include SSLv3
conf/jvmsecurity.properties+jdk.tls.disabledAlgorithms=SSLv3,TLSv1,TLSv1.1

This adds the value in /APIGEE_HOME/edge-message-processor/conf/jvmsecurity.properties which is fine.

However, system.properties seems to reference jvmsecurity.properties on a relative path

java.security.properties=../conf/jvmsecurity.properties

I don't think this is something I configured at install time, though I might be mistaken. The gist of it is that if I start message processor up from the /APIGEE_HOME/edge/message-processor/conf directory, the tls disabled algorithms settings take. If I'm not in that directory, it doesn't seem to, and I suspect the relative path. I'm just doing a regular

apigee-service edge-message-processor start

Anyone else able to successfully change jvmsecurity.properties settings?

0 0 178
0 REPLIES 0