-
Notifications
You must be signed in to change notification settings - Fork 184
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to configure client TLS enabled protocol versions and cipher suites via Spring properties #635
Labels
status: ideal-for-contribution
An issue that a contributor can help us with
type: enhancement
A general enhancement
Milestone
Comments
Sounds good. We have a config class for ssl that we use to configure the ssl context. Feel free to submit a pull request. |
mp911de
added
status: ideal-for-contribution
An issue that a contributor can help us with
type: enhancement
A general enhancement
labels
Mar 11, 2021
Great, I've already spent some time implementing this, I'll try and finish it off in the next little while. |
mryangza
added a commit
to mryangza/spring-vault
that referenced
this issue
Mar 15, 2021
suites via Spring properties - Adding the ability to explicitly configure the enabled SSL protocol versions and cipher suites used by the Vault HTTP client via the following Spring properties: * vault.ssl.enabled-protocols * vault.ssl.enabled-cipher-suites - Properties should be a comma-separated list of String constants that correspond to those used by the enabled SSL provider. Closes spring-projectsgh-635
mryangza
added a commit
to mryangza/spring-vault
that referenced
this issue
Mar 15, 2021
suites via Spring properties - Adding the ability to explicitly configure the enabled SSL protocol versions and cipher suites used by the Vault HTTP client via the following Spring properties: * vault.ssl.enabled-protocols * vault.ssl.enabled-cipher-suites - Properties should be a comma-separated list of String constants that correspond to those used by the enabled SSL provider. Closes spring-projectsgh-635
mp911de
pushed a commit
that referenced
this issue
Mar 16, 2021
…her suites via Spring properties. - Adding the ability to explicitly configure the enabled SSL protocol versions and cipher suites used by the Vault HTTP client via the following Spring properties: * vault.ssl.enabled-protocols * vault.ssl.enabled-cipher-suites - Properties should be a comma-separated list of String constants that correspond to those used by the enabled SSL provider. Closes gh-635 Original pull request: gh-640.
This was referenced Mar 16, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
status: ideal-for-contribution
An issue that a contributor can help us with
type: enhancement
A general enhancement
It would be useful if the enabled TLS protocol versions and cipher suites used by an HTTP client to Vault could be configurable via Spring properties (bound to the
org.springframework.vault.support.SslConfiguration
class). These could then be set on the SSL socket factory created by the underlying request factories created via theorg.springframework.vault.client.ClientHttpRequestFactoryFactory
class. It looks like Apache HTTP Components and Netty support setting this via their builders, I am unsure whether OkHttp does. It might require a custom SSL socket factory wrapper that decorates the sockets as they are created (before they are connected).Thoughts? I am happy to attempt a PR.
The text was updated successfully, but these errors were encountered: