From bf5c71bc7049ad22e5ecd5c7508ad4b6eb88f750 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 21 Jan 2026 15:08:05 +0000 Subject: [PATCH 1/4] Initial plan From a6d4adf8440d9a4bc208f8cb8620c2b8cb06f6ac Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 21 Jan 2026 15:50:43 +0000 Subject: [PATCH 2/4] Replace deprecated TLS_RSA_WITH_AES_128_CBC_SHA with TLS_RSA_WITH_AES_128_GCM_SHA256 Co-authored-by: chrjohn <6644028+chrjohn@users.noreply.github.com> --- .../src/test/java/quickfix/mina/ssl/SSLCertificateTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java b/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java index d5457c485..736f8f489 100644 --- a/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java +++ b/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java @@ -99,7 +99,7 @@ public class SSLCertificateTest { @Parameters public static List parameters() { - return Arrays.asList(new String[][]{{"TLS_RSA_WITH_AES_128_CBC_SHA", "TLSv1.2"}, {"TLS_AES_256_GCM_SHA384", "TLSv1.3"}}); + return Arrays.asList(new String[][]{{"TLS_RSA_WITH_AES_128_GCM_SHA256", "TLSv1.2"}, {"TLS_AES_256_GCM_SHA384", "TLSv1.3"}}); } // Note: To diagnose cipher suite errors, run with -Djavax.net.debug=ssl:handshake From c9031e37d661e1d8f6ab849977507af3b2188421 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 21 Jan 2026 16:01:17 +0000 Subject: [PATCH 3/4] Remove deprecated cipher suites from CERTIFICATE_REQUIRED_CIPHER_SUITES constant Co-authored-by: chrjohn <6644028+chrjohn@users.noreply.github.com> --- .../src/test/java/quickfix/mina/ssl/SSLCertificateTest.java | 2 -- 1 file changed, 2 deletions(-) diff --git a/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java b/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java index 736f8f489..ad9755987 100644 --- a/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java +++ b/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java @@ -91,8 +91,6 @@ public class SSLCertificateTest { "TLS_RSA_WITH_AES_256_GCM_SHA384", "TLS_RSA_WITH_AES_128_CBC_SHA256", "TLS_RSA_WITH_AES_256_CBC_SHA256", - "TLS_RSA_WITH_AES_128_CBC_SHA", - "TLS_RSA_WITH_AES_256_CBC_SHA", "TLS_AES_128_GCM_SHA256", "TLS_AES_256_GCM_SHA384" ); From 2f524f9a207efe2ad8425b7557a1bb2807238c85 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 21 Jan 2026 17:54:57 +0000 Subject: [PATCH 4/4] Use TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 instead of TLS_RSA_* suites Co-authored-by: chrjohn <6644028+chrjohn@users.noreply.github.com> --- .../src/test/java/quickfix/mina/ssl/SSLCertificateTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java b/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java index ad9755987..ee5e13fb9 100644 --- a/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java +++ b/quickfixj-core/src/test/java/quickfix/mina/ssl/SSLCertificateTest.java @@ -97,7 +97,7 @@ public class SSLCertificateTest { @Parameters public static List parameters() { - return Arrays.asList(new String[][]{{"TLS_RSA_WITH_AES_128_GCM_SHA256", "TLSv1.2"}, {"TLS_AES_256_GCM_SHA384", "TLSv1.3"}}); + return Arrays.asList(new String[][]{{"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLSv1.2"}, {"TLS_AES_256_GCM_SHA384", "TLSv1.3"}}); } // Note: To diagnose cipher suite errors, run with -Djavax.net.debug=ssl:handshake