Actions
Feature #11524
closedUse TLS 1.2 to default version of OpenSSL
Status:
Closed
Assignee:
-
Target version:
-
Description
OpenSSL on trunk still use SSL version 3 with default option. but SSLv3 have some vulnerability.
I propose to use TLS 1.2 with default on OpenSSL library.
see original proposal: https://github.com/ruby/ruby/pull/873
In other side, HTTP/2 must be required TLS 1.2 protocol. We should change it before http client
author put ctx.ssl_version = :TLSv1_2
every their code.
Actions
Like0
Like0Like0