You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,for some reason,we need to support SSLv3 TLSv1 TLSv1.1 in our apisix, I added TLSv1 and TLSv1.1 ssl_ciphers. after doing this. I test it with my java client(specify TLS version), it works fine,the following is my config:
`
then I use java client specify SSLv3 ,send a request. the handshake is failed:
what more confuse me is when config ssl_protocols: TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 SSLv3,I use java client specify SSLv3 ,send a request. the packet is indicate using TLSv1, I do not know why.
I want to know, how support SSLv3 in apisix, need your help, thanks
Environment
APISIX version (run apisix version): 2.15.0
Operating system (run uname -a):Linux 3.10.0-1160.71.1.el7.x86_64
OpenResty / Nginx version (run openresty -V or nginx -V):openresty/1.21.4.2
etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info):3.5.0
APISIX Dashboard version, if relevant:
Plugin runner version, for issues related to plugin runners:
LuaRocks version, for installation issues (run luarocks --version):
The text was updated successfully, but these errors were encountered:
Description
Hello,for some reason,we need to support SSLv3 TLSv1 TLSv1.1 in our apisix, I added TLSv1 and TLSv1.1 ssl_ciphers. after doing this. I test it with my java client(specify TLS version), it works fine,the following is my config:
`
`
the above config works fine. I test TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 , all ok.
in my apisix machine, openssl version is v1.1.1s. I use the following command:
`
`
then I add the cipher in ssl_ciphers and add protol SSLv3 in ssl_protocols:
`
`
I added crt and key in apisix ssl model,as below:
![image](https://private-user-images.githubusercontent.com/48037235/338930237-9ccf31d7-e801-4e02-acf3-56a439f97098.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE3ODA1NjUsIm5iZiI6MTcyMTc4MDI2NSwicGF0aCI6Ii80ODAzNzIzNS8zMzg5MzAyMzctOWNjZjMxZDctZTgwMS00ZTAyLWFjZjMtNTZhNDM5Zjk3MDk4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MjQlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzI0VDAwMTc0NVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTUwM2Q0ZWJhZmRlZGMwYjUwNDU1MGMxYTg3MzUzYzkyNTdjYzVjMmQ1YjljNDUzMDJhYTYwYTdiNThmYmM3OGYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.sAs7j1Vx3tUcch1VwMxrgR5_j-zjgIyOohMGMh9cgBk)
then I use java client specify SSLv3 ,send a request. the handshake is failed:
![image](https://private-user-images.githubusercontent.com/48037235/338930930-4620fe00-0d39-49ce-b1b5-591523f134b6.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE3ODA1NjUsIm5iZiI6MTcyMTc4MDI2NSwicGF0aCI6Ii80ODAzNzIzNS8zMzg5MzA5MzAtNDYyMGZlMDAtMGQzOS00OWNlLWIxYjUtNTkxNTIzZjEzNGI2LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MjQlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzI0VDAwMTc0NVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTRkNDk0ZDViMjI0YjNlZTg4YmRiMWEzM2IxNTEyY2U3YzdkZDkyMzUwNjE0ODViM2I5OTcwMjc3MzJhOTNjZmUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.JPHUZ6wD3xhRjP2Q9yTxWAjciBHWXnjKB6_M6HHASXA)
what more confuse me is when config ssl_protocols: TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 SSLv3,I use java client specify SSLv3 ,send a request. the packet is indicate using TLSv1, I do not know why.
![image](https://private-user-images.githubusercontent.com/48037235/338932368-2ee58f7e-69a8-4c57-b026-0adb7f9b5382.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjE3ODA1NjUsIm5iZiI6MTcyMTc4MDI2NSwicGF0aCI6Ii80ODAzNzIzNS8zMzg5MzIzNjgtMmVlNThmN2UtNjlhOC00YzU3LWIwMjYtMGFkYjdmOWI1MzgyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MjQlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzI0VDAwMTc0NVomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTJjZTQyNGU1ODYyNTBjOWEyZDY0ZGI4ODliMWEwZmM2MWVlN2U3N2U0OTEwZjQ0NmZmYWQxNDdmZDBmOTExZjQmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.a031BWEoYTWk-TTFjtiJicf352xK4qdVvNreBJAI1ms)
I want to know, how support SSLv3 in apisix, need your help, thanks
Environment
apisix version
): 2.15.0uname -a
):Linux 3.10.0-1160.71.1.el7.x86_64openresty -V
ornginx -V
):openresty/1.21.4.2curl http://127.0.0.1:9090/v1/server_info
):3.5.0luarocks --version
):The text was updated successfully, but these errors were encountered: