Anonymous | Login | Signup for a new account | 12-17-2024 08:33 PST |
Main | My View | View Issues | Change Log | Docs |
Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | ||||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
0006113 | [Resin] | feature | always | 11-22-17 12:15 | 02-07-18 15:23 | ||||
Reporter | stbu | View Status | public | ||||||
Assigned To | ferg | ||||||||
Priority | normal | Resolution | fixed | ||||||
Status | closed | Product Version | 4.0.54 | ||||||
Summary | 0006113: Access-logging of TLS protocol version and used Cipher-Suite | ||||||||
Description |
Dear Caucho Team, given that Support for TLS 1.0 should be removed latest by End of June 2018 [1] (also from Webservers) I would really like to be able to track usage and progress on this based on HTTP connections made to our Resin Server. This would allow to decide whether or not it's safe to disable that outdated protocol. Would it be possible to add the following TLS Session Information as variables to the Resin access-logging variables [2]? - TLS protocol version (e.g. TLSv1.0, TLSv1.1, TLSv1.2) - Used Cipher-Suite (such as TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) based on a SSLSession from both possible SSL configuration options (<jsse-ssl> and <openssl>)? Other webservers such as NGINX offer these (and more) variables for logging: See also: https://serverfault.com/questions/620123/how-can-i-let-nginx-log-the-used-ssl-tls-protocol-and-ciphersuite [^] http://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables [^] References: [1] See also: https://www.pcicomplianceguide.org/ssl-and-early-tls-new-migration-dates-announced/ [^] [2] http://www.caucho.com/resin-4.0/admin/logging.xtp#access-log [^] -- Steffen |
||||||||
Additional Information | |||||||||
Attached Files | |||||||||
|
Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
30 total queries executed. 26 unique queries executed. |