[
https://issues.apache.org/jira/browse/CLOUDSTACK-10319?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16395062#comment-16395062
]
ASF GitHub Bot commented on CLOUDSTACK-10319:
---------------------------------------------
rhtyd commented on issue #2480: CLOUDSTACK-10319: Prefer TLSv1.2, deprecate
TLSv1.0,1.1
URL: https://github.com/apache/cloudstack/pull/2480#issuecomment-372265703
Test LGTM, no failures seen. The only affected public facing services are
browser related - (1) apache2 on systemvms and (2) jetty powered mgmt server.
Given the UI does not support IE, we've been testing against modern browsers
such as Chrome and Firefox only, acceptance of the PR should not cause new
failures for users. If admins want to enable TLS support (1.0+1.1) for browsers
for the UI, they may configure the java.security.ciphers file or explicitly set
the `jdk.tls.disabledAlgorithms= SSLv2Hello, SSLv3` option to allow both TLSv1,
v1.1. With Java8, TLS1.2 is enabled by default.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Prefer TLSv1.2 and deprecate TLS 1.0/1.1
> ----------------------------------------
>
> Key: CLOUDSTACK-10319
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10319
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Reporter: Rohit Yadav
> Assignee: Rohit Yadav
> Priority: Major
> Fix For: 4.12.0.0, 4.11.1.0
>
>
> TLS 1.0 and 1.1 are both recommended to not be used. The aim would be to make
> cloudstack prefer tls 1.2.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
