[SERVER-32981] Disable TLS 1.0 by default Created: 29/Jan/18  Updated: 29/Oct/23  Resolved: 03/Apr/18

Status: Closed
Project: Core Server
Component/s: Networking
Affects Version/s: None
Fix Version/s: 3.7.4

Type: Task Priority: Major - P3
Reporter: Mark Benvenuto Assignee: Sara Golemon
Resolution: Fixed Votes: 0
Labels: security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on SERVER-32923 Platform Support: remove SLES11 builds Closed
is depended on by SERVER-34237 Expose means for shell to disable TLS... Closed
Documented
is documented by DOCS-11541 Docs for SERVER-32981: Disable TLS 1.... Closed
Related
Backwards Compatibility: Major Change
Sprint: Platforms 2018-04-09
Participants:

 Description   

TLS 1.0 will be disabled by default on all platforms where MongoDB is linked against OpenSSL 1.0.1 or later.

A new boolean startup server parameter will be added “enableInsecureTLS1_0” to enable TLS 1.0. It is an error to set this parameter if net.ssl.disabledProtocols contains "noTLS1_0".



 Comments   
Comment by Githook User [ 03/Apr/18 ]

Author:

{'email': 'sara.golemon@mongodb.com', 'name': 'Sara Golemon', 'username': 'sgolemon'}

Message: SERVER-32981 Disable TLS 1.0 by default
Branch: master
https://github.com/mongodb/mongo/commit/6de2b07c2285b26c6f724ca684eb9dd7fde117dc

Comment by Githook User [ 03/Apr/18 ]

Author:

{'email': 'sara.golemon@mongodb.com', 'name': 'Sara Golemon', 'username': 'sgolemon'}

Message: SERVER-32981 Be permissive with TLS version accepted in KMIP test
Branch: master
https://github.com/10gen/mongo-enterprise-modules/commit/b3074b0390c71442cb5f9b671c26ab00e397281e

Generated at Thu Feb 08 04:31:54 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.