On 5/17/2018 1:53 AM, Anchal Sharma2 wrote:
We are using solr version 5.3.0 and have been trying to enable security on
our solr .We followed steps mentioned on site
-https://lucene.apache.org/solr/guide/6_6/enabling-ssl.html .But by default it
picks ,TLS version 1.0,which is causing an issue as our application uses TLSv
1.2.We tried using online resources ,but could not find anything regarding TLS
enablement for solr .
It will be a huge help if anyone can provide some suggestions as to how we can
enable TLS v 1.2 for solr.
The choice of ciphers and encryption protocols is mostly made by Java.
The servlet container might influence it as well. The only servlet
container that is supported since Solr 5.0 is the Jetty that is bundled
in the Solr download.
TLS 1.2 was added in Java 7, and it became default in Java 8. If you
can install the latest version of Java 8 and make sure that it has the
policy files for unlimited crypto strength installed, support for TLS
1.2 might happen automatically.
Solr 5.3.0 is running a fairly old version of Jetty -- 9.2.11.
Information for 9.2.x versions is hard to find, so although I think it
probably CAN do TLS 1.2 if the Java version supports it, I can't be
absolutely sure. You'll need to upgrade Solr to get an upgraded Jetty.
Thanks,
Shawn