[QPID-8354] [Broker-J][JMS AMQP 0-x] Backlist TLSv1.1 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: qpid-java-broker-7.1.5, qpid-java-client-0-x-6.3.5
Component/s: Broker-J, JMS AMQP 0-x
Labels:
None

Description

The TLSv1.1 is allowed by default for establishing TLS connectivity in both Qpid Broker-J and legacy JMS client for AMQP 0-x. TLS 1.0 is already blacklisted in both products. We can consider restricting allowed TLS protocols to TLSv1.2 and TLSv1.3 by default. The TLSv1.2 can be used with JDK8-10 and TLSv1.3 can be used with JDK 11 and above.

Attachments

Issue Links

links to

GitHub Pull Request #37

Activity

People

Assignee:: Alex Rudyy

Reporter:: Alex Rudyy

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 31/Jul/19 10:20

Updated:: 28/May/20 13:45

Resolved:: 29/Sep/19 22:29