oscerd commented on code in PR #21951:
URL: https://github.com/apache/camel/pull/21951#discussion_r2923718148
##########
components/camel-mongodb/src/main/java/org/apache/camel/component/mongodb/SslAwareMongoClient.java:
##########
@@ -76,7 +76,7 @@ public MongoClient get() {
builder.invalidHostNameAllowed(true);
SSLContext sc = null;
try {
- sc = SSLContext.getInstance("TLSv1.2");
+ sc = SSLContext.getInstance("TLS");
Review Comment:
With "TLS", the JVM's security configuration (jdk.tls.disabledAlgorithms in
java.security) controls which versions are actually enabled. On modern JVMs,
TLS 1.0 and 1.1 are already disabled by default, so the effective range is TLS
1.2–1.3. When PQC key exchange becomes available (JDK 25+), "TLS" will
automatically pick it up through TLS 1.3 without code changes. That's why it's
the correct choice over hardcoding any specific version.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
