It appears the storage node accepts tls1. It should have a minimum of tls1.1 or tls1.2, really. Is there a way to configure this as a SNO?
1 Like
Welcome @tedder to our community.
Thanks for raising this point.
We are going to verify if we are actually accepting it.
If we see that we do, we definitely will create a patch.
2 Likes
fwiw, here’s a test showing it accepts 1.0:
openssl s_client -no_tls1_2 -no_tls1_3 -no_tls1_1 -connect localhost:28967
you can compare that by forcing tls1.1:
openssl s_client -no_tls1_2 -no_tls1_3 -no_tls1 -connect localhost:28967
2 Likes
Thanks for that!
There is already a PR since this morning for the fix https://github.com/storj/storj/pull/2967
1 Like