gt;From: Demetrius Tsitrelis [mailto:demetrius.tsitre...@citrix.com]
>Sent: Tuesday, December 24, 2013 10:11 AM
>To: dev@cloudstack.apache.org
>Subject: RE: TLSv1 vs TLS vs SSL use throughout CS
>
>If all of the servers and clients support the latest TLS version (1.2)
>then that is the
@cloudstack.apache.org
Subject: RE: TLSv1 vs TLS vs SSL use throughout CS
If all of the servers and clients support the latest TLS version (1.2) then
that is the preferred option.
If not, perhaps we could configure fallback behavior with a list of acceptable
SSL/TLS versions? So, if the admin
provider as well so that
providers with other characteristics (FIPS, etc.) could be easily chosen.
-Original Message-
From: Chiradeep Vittal [mailto:chiradeep.vit...@citrix.com]
Sent: Monday, December 23, 2013 3:00 PM
To: dev@cloudstack.apache.org
Subject: Re: TLSv1 vs TLS vs SSL use throughout
Why not set it to the highest secure protocol level always?
On 12/20/13 12:56 PM, "Demetrius Tsitrelis" wrote:
>
>
>I was looking at the SSL code in CloudStack
>and noticed that there are about a dozen calls to the
>SSLContext.getInstance() method. Some of them
>use the "SSL" protocol while
>o
