Skip to content

Enforce minimum TLS version of 1.2#831

Merged
sergeybykov merged 3 commits intotemporalio:masterfrom
sergeybykov:feature/tls-1.2
Oct 12, 2020
Merged

Enforce minimum TLS version of 1.2#831
sergeybykov merged 3 commits intotemporalio:masterfrom
sergeybykov:feature/tls-1.2

Conversation

@sergeybykov
Copy link
Copy Markdown
Member

@sergeybykov sergeybykov commented Oct 12, 2020

What changed?
Set minimum version of the TLS protocol to 1.2.
Consolidated instantiation of tls.Config structs to a set of helper function for easier maintenance going forward

Why?
To prevent connections over obsolete and insecure versions of the TLS protocol.

How did you test it?
Ran Unit tests.
Will rely on BuildKite tests for broader test coverage.

Potential risks
If some of our dependencies don't support TLS 1.2, communication might break.

@sergeybykov sergeybykov requested a review from a team October 12, 2020 02:18
wxing1292
wxing1292 reviewed Oct 12, 2020
View reviewed changes
@sergeybykov sergeybykov merged commit 84053ea into temporalio:master Oct 12, 2020
@sergeybykov sergeybykov deleted the feature/tls-1.2 branch October 12, 2020 19:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

2 more reviewers

@alexshtin alexshtin alexshtin left review comments

@wxing1292 wxing1292 wxing1292 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sergeybykov @alexshtin @wxing1292