[SERVER-42351] RHEL8 TLS 1.0 and TLS 1.1 protocols are disabled in the DEFAULT system-wide cryptographic policy level Created: 23/Jul/19  Updated: 29/Oct/23  Resolved: 06/Aug/19

Status: Closed
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: 4.2.1, 4.3.1

Type: Bug Priority: Major - P3
Reporter: John Chen (Inactive) Assignee: Mark Benvenuto
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Depends
is depended on by SERVER-37772 Platform Support: Add Community & Ent... Closed
Problem/Incident
Related
related to SERVER-43726 Make ssl_alert_reporting.js tolerate ... Closed
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v4.2
Steps To Reproduce:

Run the ssl task on the server evergreen project with the Red Hat 8 distro.

Sprint: Security 2019-08-12
Participants:
Linked BF Score: 50

 Description   

Relevant task: https://evergreen.mongodb.com/task/mongodb_mongo_master_enterprise_rhel_80_64_bit_display_ssl_patch_cbead440945c78b577c29dab8c11e81a58ee7731_5d361da43e8e865c32ebdbb8_19_07_22_20_33_41#/%23%257B%2522compare%2522%253A%255B%257B%2522hash%2522%253A%2522cbead440945c78b577c29dab8c11e81a58ee7731%2522%257D%255D%257D#%257B%2522compare%2522%253A%255B%257B%2522hash%2522%253A%2522cbead440945c78b577c29dab8c11e81a58ee7731%2522%257D%255D%257D

Error: connection attempt failed: SocketException: no protocols available

According to Red Hat: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/considerations_in_adopting_rhel_8/security_considerations-in-adopting-rhel-8
The TLS 1.0 and TLS 1.1 protocols are disabled in the DEFAULT system-wide cryptographic policy level.

The test needs to be updated to understand this difference in RHEL8.



 Comments   
Comment by Githook User [ 20/Aug/19 ]

Author:

{'username': 'markbenvenuto', 'email': 'mark.benvenuto@mongodb.com', 'name': 'Mark Benvenuto'}

Message: SERVER-42351 RHEL8 TLS 1.0 and TLS 1.1 protocols are disabled in the DEFAULT system-wide cryptographic policy level

(cherry picked from commit 821f1a22af507a1551e087e0f0081bbfbb8b31f3)
Branch: v4.2
https://github.com/mongodb/mongo/commit/5a5acf493c0a9aedc5b0b7b8613c14cc7f49f862

Comment by Githook User [ 06/Aug/19 ]

Author:

{'name': 'Mark Benvenuto', 'email': 'mark.benvenuto@mongodb.com', 'username': 'markbenvenuto'}

Message: SERVER-42351 RHEL8 TLS 1.0 and TLS 1.1 protocols are disabled in the DEFAULT system-wide cryptographic policy level
Branch: master
https://github.com/mongodb/mongo/commit/821f1a22af507a1551e087e0f0081bbfbb8b31f3

Generated at Thu Feb 08 05:00:15 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.