Project

General

Profile

Feature #2895

Ability to disable TLS1.0 and TLS1.1

Added by mihu 2 months ago. Updated 2 months ago.

Status:
Invalid
Priority:
Normal
Assignee:
-
Category:
TLS
Target version:
-
Start date:
2018-07-08
Due date:
% Done:

0%

Estimated time:
Missing in 1.5.x:

Description

As of 2018 the TLS1.0 and TLS1.1 are now considered as less secure then TLS1.2. Ssllabs already started to mark TLS 1.0 differently to hint the users they should consider disabling it. Currently the only option in lighttpd is to select only those ciphers in TLS1.2, which is quite cumbersome.

I can post the patch for this, but I could not found documented way to post patches.

History

#1

Updated by stbuehler 2 months ago

  • Status changed from New to Invalid
  • Target version deleted (1.4.x)

See c09acbeb8a030942d9825b3d0dd01c84e0a0b919: [mod_openssl] ssl.openssl.ssl-conf-cmd (fixes #2758) and https://github.com/lighttpd/lighttpd1.4/pull/84

Also available in: Atom