2.1.1 Release Notes
Red Hat JBoss Web Server 2.1
Release Notes for Red Hat JBoss Web Server 2.1.1
Red Hat Customer Content Services
These release notes contain important information related to Red Hat JBoss Web Server 2.1.1. Read these Release Notes in their entirety before installing Red Hat JBoss Web Server 2.1.1.
1. Introduction to Red Hat JBoss Enterprise Web Server 2.1
Welcome to the Red Hat JBoss Enterprise Web Server 2.1. As you become familiar with the newest version of JBoss Enterprise Web Server, these Release Notes provide you with information about new features, as well as known and resolved issues. Use this document in conjunction with the entire JBoss Enterprise Web Server 2.1 documentation suite, available at the Red Hat Customer Service Portal's JBoss Enterprise Web Server documentation page.
1.1. About Red Hat JBoss Enterprise Web Server
JBoss Enterprise Web Server is a fully-integrated and certified set of components for hosting Java web applications. It is comprised of the industry's leading web server (Apache HTTP Server), the popular Apache Tomcat Servlet container as well as load balancers (mod_jk and mod_cluster), Hibernate, the Tomcat Native library and others.
This document contains information about the new features, known and resolved issues of Red Hat JBoss Enterprise Web Server version 2.1. Customers are requested to read this document prior to installing this version.
1.3. Upgraded to openssl-1.0.2h
JBoss Web Server 2.1.1 has been upgraded to openssl-1.0.2h. This is because OpenSSL 0.9.8 is end of life and no longer supported. There is added support of TLSv1.2 and new ciphers only for Apache HTTP Server and JBoss EAP 6.4.10 Natives. By default, SSv3 is disabled. SSLv2 and some unsafe ciphers have been removed.
JBoss Web Server 2.1.1 does not support TLSv1.2 for APR connectors on Tomcat. TLSv1.2 works with Java connectors on JDK 1.7 or later.
JBoss OpenSSL 1.0.2h does not claim FIPS certification. Hence, we do not support and test FIPS with JBoss Web Server 2.1.1 on any of our platforms. In case you need more information about FIPS on a specific platform, you can submit a support case online or contact us by phone.
The tomcat-native is upgraded to version 1.1.34.
1.4. Set OPENSSL_CONF and LD_LIBRARY_PATH
You need to set
Using the custom engine is feasible as per the upstream documentation. For more information see, https://www.openssl.org/docs/manmaster/apps/config.html
To get your custom engine working, you have to set it in the upper section of the
openssl.cnffile before any other section. Then, you need to export the
OPENSSL_CONFvariable to make
openssluse this configuration.
The sample configuration for JBoss Web Server is installed in
The configuration of environment variables is required when the
httpd.workerare run directly. When
apachectlscript is used for starting the httpd server, the
postinstallscript updates the correct
OPENSSL_CONFvariables in the