You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@activemq.apache.org by "Chris White (Jira)" <ji...@apache.org> on 2022/03/30 11:53:00 UTC
[jira] [Commented] (AMQNET-765) TLS 1.2 should be default connection protocol for openwire
[ https://issues.apache.org/jira/browse/AMQNET-765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17514643#comment-17514643 ]
Chris White commented on AMQNET-765:
------------------------------------
Looking at [https://docs.microsoft.com/en-us/dotnet/api/system.security.authentication.sslprotocols?view=net-6.0] , I guess that it would be most approriate to return SslProtocols.None;
> TLS 1.2 should be default connection protocol for openwire
> ----------------------------------------------------------
>
> Key: AMQNET-765
> URL: https://issues.apache.org/jira/browse/AMQNET-765
> Project: ActiveMQ .Net
> Issue Type: Improvement
> Components: NMS
> Affects Versions: OpenWire-1.8.0
> Reporter: Chris White
> Priority: Minor
>
> Hi,
> I have had a recent issue with NMS Openwire where the default behaviour is to default to initiating TLS 1.0 connections for SSL connections.
> SslTransport.cs
> {{{{ }}}}
> {code:java}
> private SslProtocols GetAllowedProtocol()
> {
> if (!String.IsNullOrEmpty(SslProtocol))
> {
> return (SslProtocols)Enum.Parse(typeof(SslProtocols), SslProtocol, true);
> }
> return SslProtocols.Default;
> }
> {code}
> Surely, the default should be TLS 1.2 (or even TLS 1.3) givent the fact Microsoft have announced deprecation of SSL/TLS 1.0/1.1 for security reasons?
> [https://docs.microsoft.com/en-us/lifecycle/announcements/transport-layer-security-1x-disablement]
> regards
> Chris
--
This message was sent by Atlassian Jira
(v8.20.1#820001)