Github user ganeshmurthy commented on a diff in the pull request:
https://github.com/apache/qpid-dispatch/pull/224#discussion_r155839890
--- Diff: python/qpid_dispatch/management/qdrouter.json ---
@@ -515,7 +515,12 @@
"type": "string",
"description": "Specifies the enabled ciphers so the
SSL Ciphers can be hardened. In other words, use this field to disable weak
ciphers. The ciphers are specified in the format understood by the OpenSSL
library. For example, ciphers can be set to
ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; -- The full list
of allowed ciphers can be viewed using the openssl ciphers command",
"create": true
- },
+ },
+ "protocols": {
+ "type": "string",
+ "description": "This list is a space separated string
of the allowed TLS protocols. The current possibilities are TLSv1 TLSv1.1
TLSv1.2. For example, if you want to permit only TLS V.1.1 and TLSv1.2, your
value for the protocols would be TLSv1.1 TLSv1.2. If this attribute is not set,
then all the TLS protocols are allowed.",
--- End diff --
setting type to "type": ["TLSv1", "TLSv1.1", "TLSv1.2"] will mean that only
one in the list is allowed. That is how router schema syntax works.
For example look at "stripAnnotations". It type is set to "type": ["in",
"out", "both", "no"] which means stripAnnotations can have only one of the 4
values "in" or "out" or "both" or "no"
---
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
