[
https://issues.apache.org/jira/browse/CASSANDRA-9544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14617012#comment-14617012
]
Tyler Hobbs commented on CASSANDRA-9544:
----------------------------------------
I like adding the ability to configure the ssl protocol version, but I think
keeping TLSv1 as the default is the best option. It's the Cassandra default,
it has always been the cqlsh default, and it should be the most secure choice.
I've created a [branch with the
changes|https://github.com/thobbs/cassandra/tree/CASSANDRA-9544].
Pending CI test runs:
* [2.1
dtest|http://cassci.datastax.com/view/Dev/view/thobbs/job/thobbs-CASSANDRA-9544-dtest/]
* [2.2
testall|http://cassci.datastax.com/view/Dev/view/thobbs/job/thobbs-CASSANDRA-9544-testall/]
> Allow specification of TLS protocol to use for cqlsh
> ----------------------------------------------------
>
> Key: CASSANDRA-9544
> URL: https://issues.apache.org/jira/browse/CASSANDRA-9544
> Project: Cassandra
> Issue Type: Improvement
> Components: Tools
> Reporter: Jesse Szwedko
> Labels: cqlsh, tls
>
> Currently when using {{cqlsh}} with {{--ssl}} it tries to use TLS 1.0 to
> connect. I have my server only serving TLS 1.2 which means that I cannot
> connect.
> It would be nice if {{cqlsh}} allowed the TLS protocol it uses to connect to
> be configured.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
