[AAI-129] RestClientBuilder SSL protocol should be configurable - ONAP JIRA

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Medium
Resolution: Done
Affects Version/s: Beijing Release
Fix Version/s: Beijing Release
Labels:
None

Epic Link:
Configuration enhancements

Description

Currently, RestClientBuilder defaults to TLS1.0 for underlying SSL protocol. TLS1.0 is widely known to be insecure and susceptible to many CVE(s). However, due to the fact that many production Servers still utilize this flawed protocol, it is still somewhat useful in a documented and otherwise secure context.

RestClientBuilder should at least contain a configuration option for underlying SSL protocol in order to allow future upgrade to a more secure protocol, and backwards compatibility with existing servers.

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Ryan Goulding

Reporter:: Ryan Goulding

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 03/Aug/17 12:42 PM

Updated:: 22/Nov/17 11:45 AM

Resolved:: 22/Nov/17 11:45 AM