cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-10319) Prefer TLSv1.2 and deprecate TLS 1.0/1.1
Date Mon, 12 Mar 2018 10:44:00 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-10319?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16395062#comment-16395062
] 

ASF GitHub Bot commented on CLOUDSTACK-10319:
---------------------------------------------

rhtyd commented on issue #2480: CLOUDSTACK-10319: Prefer TLSv1.2, deprecate TLSv1.0,1.1
URL: https://github.com/apache/cloudstack/pull/2480#issuecomment-372265703
 
 
   Test LGTM, no failures seen. The only affected public facing services are browser related
- (1) apache2 on systemvms and (2) jetty powered mgmt server. Given the UI does not support
IE, we've been testing against modern browsers such as Chrome and Firefox only, acceptance
of the PR should not cause new failures for users. If admins want to enable TLS support (1.0+1.1)
for browsers for the UI, they may configure the java.security.ciphers file or explicitly set
the `jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3` option to allow both TLSv1, v1.1. With
Java8, TLS1.2 is enabled by default.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Prefer TLSv1.2 and deprecate TLS 1.0/1.1
> ----------------------------------------
>
>                 Key: CLOUDSTACK-10319
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10319
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>            Reporter: Rohit Yadav
>            Assignee: Rohit Yadav
>            Priority: Major
>             Fix For: 4.12.0.0, 4.11.1.0
>
>
> TLS 1.0 and 1.1 are both recommended to not be used. The aim would be to make cloudstackĀ prefer
tlsĀ 1.2.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message