TLS support in UI ? SSLv3 unsafe
Posted: 15 Oct 2014, 08:19
I vaguely remember not being able to enable TLS despite the UI_SSL_VERSION setting being added.
Do you know if there are perl libraries we use to allow TLS instead of SSLv3 which is now unsafe because of "POODLE" ?
Update: nevermind, I just realized I have SSLv3 in my browser disabled and I am connecting to the UI with TLS, so it does work
you'll just have to change the default setting now from
SSLv23:!SSLv2
to
!SSLv3:!SSLv2
? hmm
Do you know if there are perl libraries we use to allow TLS instead of SSLv3 which is now unsafe because of "POODLE" ?
Update: nevermind, I just realized I have SSLv3 in my browser disabled and I am connecting to the UI with TLS, so it does work
you'll just have to change the default setting now from
SSLv23:!SSLv2
to
!SSLv3:!SSLv2
? hmm
SSL_version
Sets the version of the SSL protocol used to transmit data. 'SSLv23' auto-negotiates between SSLv2 and SSLv3, while 'SSLv2', 'SSLv3', 'TLSv1', 'TLSv1_1' or 'TLSv1_2' restrict the protocol to the specified version. All values are case-insensitive. Instead of 'TLSv1_1' and 'TLSv1_2' one can also use 'TLSv11' and 'TLSv12'. Support for 'TLSv1_1' and 'TLSv1_2' requires recent versions of Net::SSLeay and openssl.