Hello,

A problem with Fortress using LDAPS in the API.  It was brought on by this 
commit:

https://github.com/apache/directory-ldap-api/commit/4322886f8ed9fe0d2c588f0c557e92e4d160149f


```
public class LdapNetworkConnection
…

// Default to TLS                 sslFilter.setEnabledProtocols( new String[]
- { "TLSv1", "TLSv1.1", "TLSv1.2" } );
+ { "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" } );
```
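Review bot: on the `+` line the default list still enables "TLSv1" and "TLSv1.1" next to the newly added "TLSv1.3". Both are deprecated by RFC 8996, so consider a default of { "TLSv1.2", "TLSv1.3" } and leave the older versions to callers that opt in through setEnabledProtocols. Because this changes what every caller negotiates by default, the "Default to TLS" comment should also name the versions it enables.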

That is, when TLSv1.3 was added as a default enabled protocol in the API, 
Fortress started having LDAPS connection problems.

Specifically, connections hang during bind ops, as they’re retrieved from the 
pool.

Looking at the server log, the bind was successful, but the API's async handler 
(ignores?) times out.

When I add this to the Fortress connection pool initialization:

```
config.setEnabledProtocols( new String[] { "TLSv1", "TLSv1.1", "TLSv1.2" } );
```

Everything then works again as it should.  In other words, when bypassing 
TLSv1.3 on the client side, it works again.

Not sure what’s going on, or if my workaround is the best way to handle this 
situation.

Any ideas on what I'm doing wrong?

Thanks,

—
Shawn