Project

General

Profile

Tracker #31386

Default to TLS 1.2+

Added by Ewoud Kohl van Wijngaarden 8 months ago. Updated 4 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
% Done:

100%

Difficulty:
Triaged:
Yes
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

Clients needing these old versions are going EOL. The ecosystem is ready for TLS 1.2+ by default. This makes it easier for organizations to comply with PCI-DSS and similar stricter policies.

This is a tracker to relate issues to.


Subtasks

Feature #31385: Disable weak ciphers in qpid-routerClosedEwoud Kohl van Wijngaarden
Feature #31387: Disable TLS 1.0 and 1.1 by default in ApacheClosedEwoud Kohl van Wijngaarden
Refactor #31435: Drop ssl_protocol parameter on foreman_proxy_contentClosedEwoud Kohl van Wijngaarden

Related issues

Related to Smart Proxy - Feature #29252: Stop accepting TLS 1.1 connectionsClosed

History

#1 Updated by Ewoud Kohl van Wijngaarden 7 months ago

  • Triaged changed from No to Yes
  • Status changed from New to Resolved
  • Fixed in Releases 2.4.0 added

All dependent issues have been resolved so I'm marking this as resolved.

#2 Updated by Amit Upadhye 4 months ago

  • Category set to Foreman modules

#3 Updated by Ewoud Kohl van Wijngaarden 4 months ago

  • Category deleted (Foreman modules)

This explicitly didn't have a category since it wasn't limited to just Foreman Modules.

#4 Updated by Ewoud Kohl van Wijngaarden 4 months ago

Also available in: Atom PDF