This is an automated email from the ASF dual-hosted git repository.
mitchell852 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/master by this push:
new f791687 Turn off TLSv1 in Traffic Portal (#4147)
f791687 is described below
commit f791687b99527c7f9408c44c15332751473051b6
Author: Hank Beatty <[email protected]>
AuthorDate: Wed Dec 4 20:11:42 2019 -0500
Turn off TLSv1 in Traffic Portal (#4147)
* Turn off TLSv1 in Traffic Portal
* Updated Changelog
* Updated Changelog
---
CHANGELOG.md | 1 +
traffic_portal/server.js | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0baf70c..64ffd12 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -112,6 +112,7 @@ The format is based on [Keep a
Changelog](http://keepachangelog.com/en/1.0.0/).
- Fixed Traffic Ops Golang POST servers/id/deliveryservice continuing
erroneously after a database error.
- Fixed Traffic Ops Golang POST servers/id/deliveryservice double-logging
errors.
- Issue #4131 - The "Clone Delivery Service Assignments" menu item is hidden
on a cache when the cache has zero delivery service assignments to clone.
+- Traffic Portal - Turn off TLSv1
### Deprecated/Removed
- The TO API `cachegroup_fallbacks` endpoint is now deprecated
diff --git a/traffic_portal/server.js b/traffic_portal/server.js
index 5d4b187..408c724 100644
--- a/traffic_portal/server.js
+++ b/traffic_portal/server.js
@@ -109,7 +109,7 @@ if (useSSL) {
// from the list of supported protocols that SSLv23_method supports.
//
var sslOptions = {};
- sslOptions['secureOptions'] = constants.SSL_OP_NO_SSLv3;
+ sslOptions['secureOptions'] = constants.SSL_OP_NO_TLSv1;
sslOptions['key'] = fs.readFileSync(config.ssl.key);
sslOptions['cert'] = fs.readFileSync(config.ssl.cert);
