Closed onuryurdupak closed 2 years ago
Binary Version: 1.5.8
I am running Fabio with: fabio -cfg fabio.properties
fabio -cfg fabio.properties
Contents of the fabio.properties are:
tlsmin=tls11 tlsmax=tls11 proxy.cs=cs=int;type=path;cert=/etc/fabio/ssl proxy.addr=172.16.15.10:443;cs=int proxy.maxconn=-1 registry.consul.addr=127.0.0.1:8500 registry.consul.tagprefix=urlprefix-
I was expecting that this would restrict TLS to version 1.1 only. But curl'ing the address in verbose mode shows that SSL handshake can be done in version 1.3 too. Am I making an error in tlsmin, tlsmax definitions or missing something else?
Seems like we had another LB in front of Fabio which handled SSL termination.
Binary Version: 1.5.8
I am running Fabio with:
fabio -cfg fabio.properties
Contents of the fabio.properties are:
I was expecting that this would restrict TLS to version 1.1 only. But curl'ing the address in verbose mode shows that SSL handshake can be done in version 1.3 too. Am I making an error in tlsmin, tlsmax definitions or missing something else?