You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by mi...@apache.org on 2019/12/05 01:11:53 UTC
[trafficcontrol] branch master updated: Turn off TLSv1 in Traffic
Portal (#4147)
This is an automated email from the ASF dual-hosted git repository.
mitchell852 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new f791687 Turn off TLSv1 in Traffic Portal (#4147)
f791687 is described below
commit f791687b99527c7f9408c44c15332751473051b6
Author: Hank Beatty <hb...@users.noreply.github.com>
AuthorDate: Wed Dec 4 20:11:42 2019 -0500
Turn off TLSv1 in Traffic Portal (#4147)
* Turn off TLSv1 in Traffic Portal
* Updated Changelog
* Updated Changelog
---
CHANGELOG.md | 1 +
traffic_portal/server.js | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0baf70c..64ffd12 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -112,6 +112,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
- Fixed Traffic Ops Golang POST servers/id/deliveryservice continuing erroneously after a database error.
- Fixed Traffic Ops Golang POST servers/id/deliveryservice double-logging errors.
- Issue #4131 - The "Clone Delivery Service Assignments" menu item is hidden on a cache when the cache has zero delivery service assignments to clone.
+- Traffic Portal - Turn off TLSv1
### Deprecated/Removed
- The TO API `cachegroup_fallbacks` endpoint is now deprecated
diff --git a/traffic_portal/server.js b/traffic_portal/server.js
index 5d4b187..408c724 100644
--- a/traffic_portal/server.js
+++ b/traffic_portal/server.js
@@ -109,7 +109,7 @@ if (useSSL) {
// from the list of supported protocols that SSLv23_method supports.
//
var sslOptions = {};
- sslOptions['secureOptions'] = constants.SSL_OP_NO_SSLv3;
+ sslOptions['secureOptions'] = constants.SSL_OP_NO_TLSv1;
sslOptions['key'] = fs.readFileSync(config.ssl.key);
sslOptions['cert'] = fs.readFileSync(config.ssl.cert);