This repository has been archived by the owner on May 20, 2022. It is now read-only.
add TLS 1.3 support to web container #488
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
FYI iOS mobile app currently does not support connecting the WebSocket with TLS 1.3 |
Thanks for your feedback @enahum! It seems that iOS mobile app can use the older versions ? Support for older versions is not removed |
|
@nvjacobo maybe listed as a known issue in the readme? |
This change has TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 for chose by client. I am reading apple documents (https://developer.apple.com/security/) It seems iOS has support 1.2. |
|
IOS does support it, but the WebSocket implementation that we have does not. I know this for a fact as I’ve been running tests for a new implementation because of this issue |
|
As long as TLS 1.1 or 1.2 are also enabled, it should be ok |
cpanato
approved these changes
Aug 10, 2020
braunsonm
added a commit
to trecnoc/mattermost-docker
that referenced
this pull request
Feb 8, 2021
* bump MM to 5.25.0 * Remove sudo: required as it is deprecated. (mattermost#485) Co-authored-by: francois-d <dfrancis2.primus.ca> * update MM to 5.25.1 * bump mm to 5.25.2 * add TLS 1.3 support to web container (mattermost#488) * bump MM to 5.26.0 * bump MM to 5.26.1 * update MM to 5.27.0 * Quote arguments (mattermost#492) * DOPS-215: Add MM_INSTALL_TYPE environment variable. (mattermost#497) * bump based release * Update SSL ciphers and TLS versions in nginx config file (mattermost#501) * update MM to 5.29.0 * Consistency of app/* (mattermost#502) * be consistent with the use of tabs * tabs; shellcheck; consistency * use tabs * use shellcheck to fix non POSIX stuff * be consistent with the use of quotes and if-then-else / for-do-done * bump to use 5.29.1 release * Enable easy configuration of encrypted PostgreSQL connections with new optional DB_SSLMODE (defaults to current value of "disable") following values allowed by PostgreSQL (mattermost#506) * change to support environment variable configuration of SSL mode for PostgreSQL connections * Update Dockerfile (mattermost#508) * Updating shell scripts to adhear better to Bash style guides (mattermost#510) * Updated Shell Script Format Signed-off-by: Spencer <wf6DJd8a3xSSCZbn@protonmail.com> * Update Dockerfile (mattermost#511) Co-authored-by: Carlos Panato <ctadeu@gmail.com> Co-authored-by: Francois-D <46973576+Francois-D@users.noreply.github.com> Co-authored-by: nvjacobo <nvjacobo@users.noreply.github.com> Co-authored-by: Emanuele Panzeri <thePanz@users.noreply.github.com> Co-authored-by: Elisabeth Kulzer <elikul@elikul.de> Co-authored-by: Simon Staszkiewicz <sstaszkiewicz@copperleaf.com> Co-authored-by: Yannic Haupenthal <tohn@users.noreply.github.com> Co-authored-by: Dave Thompson <64275573+3leapsdet@users.noreply.github.com> Co-authored-by: Amy Blais <amy_blais@hotmail.com> Co-authored-by: wf6DJd8a3xSSCZbn <50090275+wf6DJd8a3xSSCZbn@users.noreply.github.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Add TLS 1.3 support to nginx web server.
Thanks, Jacobo