Mantis - Resin
Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
6052 major always 04-25-17 05:26 04-25-17 13:43
Reporter: VasumathiN Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: closed Product Version: 4.0.49  
Product Build: Resolution: no change required  
Projection: none      
ETA: none Fixed in Version:  
Summary: 0006052: Disable TLS version 1.0/TLS version 1.1 in resin server
Description: How to disable TLS version 1.0/TLS version 1.1 in resin server4.0.49

Currently we are using given jsse_cipher_suites in resin.properties
jsse_cipher_suites : TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Steps To Reproduce:
Additional Information:
Relationships
Attached Files:

Notes
(0006750)
stbu   
04-25-17 12:14   
It's me again (I'm not a Caucho employee, but a 14+ Years Resin user) from bug 0006051

If you really want to exclude TLS 1.0 and 1.1 just use "TLSv1.2" in the <protocol> in your <jsse-ssl> configuration in resin.xml like this:

        <jsse-ssl>
          <key-store-file>XXX</key-store-file>
          <password>XXX</password>
          <protocol>TLSv1.2</protocol>
          ...