You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by securenamefirst securenamelast <se...@gmail.com> on 2012/11/20 15:27:18 UTC
ftps server and using tls v1.1 by recompiling with open ssl version 1.0
Hi All,
i need to run ftp server to be able to use tlsv1.1.
it seems ftp server, similar to apache server only supports TLS v1.0.
how is it possible to recompile the openSSL version 1.0.1-stable into the
latest version of ftp server to hopefully be able to configure TLS v 1.1
Apparently, TLS 1.1 and 1.2 are supported by openSSL version 1.0.1-stable,
but not open ssl 0.9 which is what is used in most servers. not sure what
ftp server uses maybe someone can inform us of that too.
some direction on how to replace the open ssl version with latest would be
great.
if anyone has previously done and had too many issues and given up then
that feedback would be greatly appreciated so that i don’t waste time
trying the same things.
thanks.
Re: ftps server and using tls v1.1 by recompiling with open ssl
version 1.0
Posted by securenamefirst securenamelast <se...@gmail.com>.
Hi Thanks for that info.
but unfortunately I’m using below : and cant upgrade as the
current application is based on below java edition.
java version "1.5.0_14"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_14-b03)
Java HotSpot(TM) Server VM (build 1.5.0_14-b03, mixed mode)
the req is to transfer some files using current application with least
' as is' software but need a new mechanism to the actual transfer as
currently its done using tftp which is udp based and is not over ssl /
tls. the requirement is to make the transfer of firmware over a TLS v 1.1
secure connection.
the only two solutions i have are apache webserver - which doesn’t support
tls1.1 and apache ftps which again doesn’t support tls 1.1.
i hear that s_server ... ( some kind of test server from open ssl ) does
support 1.1 and 1.2 but not sure if that's a production ready or dev only
server , so not sure what to do other than recompile the stable open ssl
version that support tls1.1 to mina apache ftpserver or apache webserever?
any other ideas would be greatly appreciated.
thanks all.
On Tue, Nov 20, 2012 at 2:41 PM, Sai Pullabhotla <
sai.pullabhotla@jmethods.com> wrote:
> If you are using Sun JRE 1.7.x, TLS 1.1 and 1.2 are enabled by default for
> server side connections. Please refer to this link for more information:
>
>
> http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html
>
>
> Scroll to the subsection titled Protocols under the main section - Sun JSSE
> Provider.
>
> Hope this helps!
>
> Sai.
>
>
> On Tue, Nov 20, 2012 at 8:27 AM, securenamefirst securenamelast <
> securenamefirst@gmail.com> wrote:
>
> > Hi All,
> >
> > i need to run ftp server to be able to use tlsv1.1.
> >
> > it seems ftp server, similar to apache server only supports TLS v1.0.
> >
> > how is it possible to recompile the openSSL version 1.0.1-stable into
> the
> > latest version of ftp server to hopefully be able to configure TLS v 1.1
> >
> > Apparently, TLS 1.1 and 1.2 are supported by openSSL version
> 1.0.1-stable,
> > but not open ssl 0.9 which is what is used in most servers. not sure
> what
> > ftp server uses maybe someone can inform us of that too.
> >
> > some direction on how to replace the open ssl version with latest would
> be
> > great.
> >
> > if anyone has previously done and had too many issues and given up then
> > that feedback would be greatly appreciated so that i don’t waste time
> > trying the same things.
> >
> >
> >
> > thanks.
> >
>
Re: ftps server and using tls v1.1 by recompiling with open ssl
version 1.0
Posted by Sai Pullabhotla <sa...@jmethods.com>.
If you are using Sun JRE 1.7.x, TLS 1.1 and 1.2 are enabled by default for
server side connections. Please refer to this link for more information:
http://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html
Scroll to the subsection titled Protocols under the main section - Sun JSSE
Provider.
Hope this helps!
Sai.
On Tue, Nov 20, 2012 at 8:27 AM, securenamefirst securenamelast <
securenamefirst@gmail.com> wrote:
> Hi All,
>
> i need to run ftp server to be able to use tlsv1.1.
>
> it seems ftp server, similar to apache server only supports TLS v1.0.
>
> how is it possible to recompile the openSSL version 1.0.1-stable into the
> latest version of ftp server to hopefully be able to configure TLS v 1.1
>
> Apparently, TLS 1.1 and 1.2 are supported by openSSL version 1.0.1-stable,
> but not open ssl 0.9 which is what is used in most servers. not sure what
> ftp server uses maybe someone can inform us of that too.
>
> some direction on how to replace the open ssl version with latest would be
> great.
>
> if anyone has previously done and had too many issues and given up then
> that feedback would be greatly appreciated so that i don’t waste time
> trying the same things.
>
>
>
> thanks.
>