> On Jul 3, 2021, at 2:10 PM, Stefan Seelmann <m...@stefan-seelmann.de> wrote: > > I added TLSv1.3 to the default protocols in [1]. There is an open issue > for Mina [2] that describes timeouts when using v1.3, please see my > comment there. When used in Studio I didn't encounter any issue in tests > against OpenLDAP or 389ds, only when using it in ApacheDS, so I assumed > it's only a server-side problem. But your observations proves that my > assumption was wrong. > > Which Java version are you using? I ask because I only tested with Java > 11 and 17-ea, but not with Java 8. >
Hi Stefan, Problem first observed on a Centos8 VM: Java version: 1.8.0_292, vendor: Red Hat, Inc., runtime: /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.292.b10-1.el8_4.x86_64/jre But, later, also on my dev workstation: Java version: 11.0.11, vendor: Ubuntu, runtime: /usr/lib/jvm/java-11-openjdk-amd64 > Otherwise I think you aren't doing anything wrong. Either continue with > your workaround, or we need to revert that change in the LDAP API until > the problem is fixed in Mina. OK, cool, not going to worry about it then. I’ll parameterize the supported TLS protocols (in fortress) providing a default that leaves out TLSv1.3 for this release. Users can supply their own list of protocols, in the properties file, making 1.3 possible. Appreciate the quick response. — Shawn --------------------------------------------------------------------- To unsubscribe, e-mail: api-unsubscr...@directory.apache.org For additional commands, e-mail: api-h...@directory.apache.org