[MXS-4862] ssl_version should specify minimum version - Jira

XML

Word

Printable

Details

Type: New Feature
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: 6.4.13, 22.08.11, 23.02.7, 23.08.3
Fix Version/s: 6.4.14, 22.08.12, 23.02.8, 23.08.4
Component/s: Core
Labels:
- triage

Sprint:
MXS-SPRINT-196, MXS-SPRINT-197

Description

The configuration value should be interpreted as a minimum version, banning any previous TLS versions. The default value "MAX" still allows all versions for backwards compatibility.

Original Description:
-----------------------------------
SSL_VERSION configuration has default value of MAX. This will guarantee that the strongest available encryption is used. However, it allows deprecated versions of SSL:
TLS 1 offered (deprecated)
TLS 1.1 offered (deprecated)

Customer would like to see a way to ensure that deprecated versions not be included. Examples might be:

SSL_VERSION=MAX_NOT_DEPRECATED
or
SSL_VERSION=1.2,1.3

Attachments

Activity

People

Assignee:: Esa Korhonen

Reporter:: Edward Stoever

Votes:: 2 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 2023-11-15 19:01

Updated:: 2024-07-07 16:09

Resolved:: 2023-12-04 14:52

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.