Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-6610

Add support for Minimum TLS support

    XMLWordPrintableJSON

Details

    Description

      Add support for minimum TLS support.

      Currently, the TLSProtocol parameter only supports a specific version of TLS to be used.

       

      Investigation:

      Setting the default SSL context method to be sslv23 with default sslv2 and sslv3 turned off would allow us to restrict the protocol to be TLS only.

      Additional flags can be applied to further restrict the minimum TLS version:

      For example:

      Minimum TLS 1.0 - Sets NO_SSLv2 and NO_SSLv3

      Minimum TLS 1.1 - Sets NO_SSLv2 and NO SSLv3 and NO_TLSv1

      Minimum TLS 1.2 - Sets NO_SSLv2 and NO SSLv3 and NO_TLSv1 and NO_TLSv1_1

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #1388

          Activity

            People

              robertw Rob Wu
              robertw Rob Wu
              Sorabh Hamirwasia Sorabh Hamirwasia
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: