FTS-2037: disable TLSv1.3 to fallback on TLSv1.2 (!17) · Merge requests · File Transfer Service / fts-monitoring · GitLab

Snippets Groups Projects

Merged Louis Regnier requested to merge loregnie/fts-monitoring:FTS-2037-disable-TLSv1.3 into develop 7 months ago

Requiring a certificate to access the transfers logs, create a post-handshake scenario, which is not well handled by the clients using TLSv1.3.

For the moment, in absence of a better solution, disabling TLSv1.3 allows the users to access transfer logs without issues.

Approved by

Activity

Mihai Patrascoiu approved this merge request 7 months ago

approved this merge request
Mihai Patrascoiu @mipatras · 7 months ago

Owner

Thanks Louis! This will do and will make the transition from CC7 to Alma9 smoother.

In the future, we can think about strictly requiring a client certificate for every page, not only for transfer logs. I remember you said this would no longer break the redirection from the Web Monit pages to the transfer log page.

Merging into develop!

Cheers,
Mihai
Mihai Patrascoiu merged 7 months ago

merged
Mihai Patrascoiu mentioned in commit 4638045e 7 months ago

mentioned in commit 4638045e

Please register or sign in to reply