Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enforce TLS 1.2 by default #22

Closed
stklcode opened this Issue Oct 6, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@stklcode
Copy link
Owner

stklcode commented Oct 6, 2018

Vault itself useses TLS 1.2 by default.
But even if the tls_min_version is not explicitly set to a lower version or a an HTTP proxy with lower support is used for whatever reason, the connector should aim for the latest protocol possible.

Current implementation of the connector enforces TLS. This should be rewritten to TLSv1.2 and potentialls an optional configuration flag in the builder to override this as needed.

@stklcode stklcode added the enhancement label Oct 6, 2018

@stklcode stklcode added this to the 0.8 milestone Oct 6, 2018

@stklcode stklcode self-assigned this Oct 6, 2018

stklcode added a commit that referenced this issue Oct 6, 2018

Enforce TLS 1.2 by default with option to override (#22)
The TLS version can be explicitly set in builder or constructor. If not
given, the connector will only use 1.2 as Vault does by default, too.

@stklcode stklcode closed this Nov 20, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.