Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Broker/Proxy] Update default TLS protocols to TLSv1.3,TLSv1.2 #10598

Merged
merged 3 commits into from
May 17, 2021
Merged

[Broker/Proxy] Update default TLS protocols to TLSv1.3,TLSv1.2 #10598

merged 3 commits into from
May 17, 2021

Conversation

lhotari
Copy link
Member

@lhotari lhotari commented May 15, 2021

Fixes #10335

Motivation

See #10335. TLSv1.3 support has been introduced in the JDK since JDK 8 since 8u261. TLS protocol TLSv1.1 and TLSv1 aren't considered secure.

Modifications

  • change default TLS protocols to TLSv1.3,TLSv1.2
  • update tests, docs & config files to reflect the change

@lhotari lhotari force-pushed the lh-change-default-tls-protocols branch from 60e6278 to 9bb8f58 Compare May 15, 2021 11:30
@lhotari lhotari added the type/enhancement The enhancements for the existing features or docs. e.g. reduce memory usage of the delayed messages label May 15, 2021
@lhotari lhotari added this to the 2.8.0 milestone May 15, 2021
@lhotari lhotari self-assigned this May 15, 2021
@lhotari lhotari marked this pull request as draft May 15, 2021 13:14
@lhotari lhotari marked this pull request as ready for review May 16, 2021 05:51
@lhotari lhotari closed this May 16, 2021
@lhotari lhotari reopened this May 16, 2021
@lhotari
Copy link
Member Author

lhotari commented May 16, 2021

/pulsarbot run-failure-checks

@lhotari lhotari closed this May 16, 2021
@lhotari lhotari reopened this May 16, 2021
@codelipenghui codelipenghui merged commit b75acbe into apache:master May 17, 2021
yangl pushed a commit to yangl/pulsar that referenced this pull request Jun 23, 2021
@lhotari @yangl
[Broker/Proxy] Update default TLS protocols to TLSv1.3,TLSv1.2 (apach…
63a6932 
…e#10598)

Fixes apache#10335

### Motivation

See apache#10335. TLSv1.3 support has been introduced in the JDK since [JDK 8 since 8u261](adoptium/temurin-build#1254 (comment)). TLS protocol TLSv1.1 and TLSv1 aren't considered secure.

### Modifications

- change default TLS protocols to TLSv1.3,TLSv1.2
- update tests, docs & config files to reflect the change
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@merlimat merlimat merlimat approved these changes

@codelipenghui codelipenghui codelipenghui approved these changes

@eolivelli eolivelli Awaiting requested review from eolivelli

Assignees

@lhotari lhotari

Labels
type/enhancement The enhancements for the existing features or docs. e.g. reduce memory usage of the delayed messages
Projects
None yet
Milestone
2.8.0
Development

Successfully merging this pull request may close these issues.

[Broker] Change default TLS protocols to "TLSv1.3,TLSv1.2" (replace previous default "TLSv1.2,TLSv1.1,TLSv1")
3 participants
@lhotari @merlimat @codelipenghui