You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@geode.apache.org by "Donal Evans (Jira)" <ji...@apache.org> on 2022/05/23 15:56:00 UTC

[jira] [Resolved] (GEODE-10297) SSL protocol ordering can result in loss of newer protocol support.

     [ https://issues.apache.org/jira/browse/GEODE-10297?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Donal Evans resolved GEODE-10297.
---------------------------------
    Fix Version/s: 1.16.0
       Resolution: Fixed

> SSL protocol ordering can result in loss of newer protocol support.
> -------------------------------------------------------------------
>
>                 Key: GEODE-10297
>                 URL: https://issues.apache.org/jira/browse/GEODE-10297
>             Project: Geode
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 1.12.9, 1.13.8, 1.14.4, 1.15.0, 1.16.0
>            Reporter: Jacob Barrett
>            Assignee: Donal Evans
>            Priority: Major
>              Labels: blocks-1.15.0, needsTriage, pull-request-available
>             Fix For: 1.16.0
>
>
> If {{ssl-protocols}} is listed with a older protocol version ahead of a newer the {{SSLContext}} used will support at most that weaker protocol.
> For example {{ssl-protocols=TLSV1.2,TLSv1.3,TLSv1.1}} will use the {{TLSv1.2}} {{SSLContext}}, which will not support, and silently ignore, the {{TLSv1.3}} configuration. The effective enabled protocols list will be {{TLSV1.2,TLSv1.1}}.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)