zookeeper-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "blb.dev" <bla.ibm....@gmail.com>
Subject How to block TLSv1.0 and 1.1?
Date Wed, 08 Jul 2020 20:36:14 GMT
Hi, how can I configure ZK to disable TLSv1.0 and 1.1?

I have included the java system properties: 
/-Dzookeeper.ssl.quorum.protocol=TLSv1.2
-Dzookeeper.ssl.quorum.enabledProtocols=TLSv1.2
-Dzookeeper.ssl.protocol=TLSv1.2
-Dzookeeper.ssl.enabledProtocols=TLSv1.2/

and the following in zoo.cfg: 
/ssl.quorum.protocol=TLSv1.2
ssl.quorum.enabledProtocols=TLSv1.2
ssl.protocol=TLSv1.2
ssl.enabledProtocols=TLSv1.2/

but I don't want to just enable 1.2 I want to make sure 1.0 and 1.1 is
disabled altogether. Will this accomplish that or is there further way
something like /ssl.disabledProtocols/? 



--
Sent from: http://zookeeper-user.578899.n2.nabble.com/

Mime
View raw message