[
https://issues.apache.org/jira/browse/MESOS-9730?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16818147#comment-16818147
]
Till Toenshoff edited comment on MESOS-9730 at 4/15/19 4:44 PM:
----------------------------------------------------------------
It appears this problem is not newly introduced or a codebase regression -
instead something we did never properly support. Deprioritizing this to unblock
the upcoming release. We need to come up with a plan here for proper OpenSSL
1.1 support; possibly following [~kaalh]'s reasonable suggestions.
was (Author: tillt):
It appears this problem is not newly introduced or a regression codebase -
instead something we did never properly support. Deprioritizing this to unblock
the upcoming release. We need to come up with a plan here for proper OpenSSL
1.1 support; possibly following [~kaalh]'s reasonable suggestions.
> Executors cannot reconnect with agents using TLS1.3
> ---------------------------------------------------
>
> Key: MESOS-9730
> URL: https://issues.apache.org/jira/browse/MESOS-9730
> Project: Mesos
> Issue Type: Bug
> Components: libprocess
> Affects Versions: 1.8.0
> Reporter: Stéphane Cottin
> Priority: Major
> Labels: ssl
>
> TLS 1.3 support is enabled by default from openssl >= 1.1.0
> Executors do not reconnect with agents after restart when using TLS 1.3, and
> I guess this should also affect master/slave communication.
> suggested action :
> add a `LIBPROCESS_SSL_ENABLE_TLS_V1_3` environment variable with a `false`
> default, and apply `SSL_OP_NO_TLSv1_3` ssl option when building with openssl
> >= 1.1.0
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
