[
https://issues.apache.org/jira/browse/FTPSERVER-503?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498163#comment-17498163
]
Emmanuel Lécharny commented on FTPSERVER-503:
---------------------------------------------
Fixed in 1.1.2
> Cannot limit the server to listen for client connections using TLS 1.2(/1.3)
> only
> ---------------------------------------------------------------------------------
>
> Key: FTPSERVER-503
> URL: https://issues.apache.org/jira/browse/FTPSERVER-503
> Project: FtpServer
> Issue Type: Bug
> Components: Core, Server
> Reporter: AvnerW
> Priority: Major
> Fix For: 1.1.2
>
>
> Hi,
> I would like to know if there is a way to limit the server to listen for TLS
> 1.2(/1.3) only and block older versions of SSL/TLS (TLS1.1, TLS1.0 or SSLv3).
> I'm using:
> *ftpserver-core 1.1.1*
> *mina-core 2.0.21*
> I tried to *setSslProtocol*("TLSv1.2") in the *SslConfigurationFactory*.
> As I understand this is should affect the *SSLContext* initialization.
> However, I am able to connect to the server with both:
> - WinSCP client after setting the min & max TLS version to *TLSv1.0-TLSv1.0*
> - openssl s_client -connect <server>:<port> *-tls1* -starttls ftp
> I am expecting both to fail (as the server should only accept TLS 1.2)
> Any idea if this is a bug or not yet supported in Apache FTP?
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
