[
https://issues.apache.org/jira/browse/MINIFICPP-1453?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17271309#comment-17271309
]
Martin Zink commented on MINIFICPP-1453:
----------------------------------------
After investigating this issue, it turns out that currently only TLS protocol
v1.2 is supported.
This is hard coded in the [TLSSocket
class|https://github.com/apache/nifi-minifi-cpp/blob/9d0743cd84a46eb120a9b29566ced9905c682f31/libminifi/src/io/tls/TLSSocket.cpp#L74]
I've added a couple integration tests to verify this behaviour in
https://github.com/apache/nifi-minifi-cpp/pull/978
> Ability to disable older TLS versions in MiNiFi C++ agents
> ----------------------------------------------------------
>
> Key: MINIFICPP-1453
> URL: https://issues.apache.org/jira/browse/MINIFICPP-1453
> Project: Apache NiFi MiNiFi C++
> Issue Type: Improvement
> Reporter: Martin Zink
> Assignee: Martin Zink
> Priority: Minor
> Time Spent: 10m
> Remaining Estimate: 0h
>
> Currently on minifi C++ agents communication with C2 using older TLS security
> protocols (e.g. TLS v1, TLS v1.1) cannot be explicitly disabled. (unlike on
> the java agents where this can be achieved with the
> _nifi.minifi.security.ssl.protocol_ config parameter)
> This might be a security requirement for various use-cases.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
