Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Potentially bad TLS connection settings #1513

Open
r0xdeadbeef opened this issue Aug 8, 2022 · 1 comment
Open

Potentially bad TLS connection settings #1513

r0xdeadbeef opened this issue Aug 8, 2022 · 1 comment
Labels
Discussion

Comments

@r0xdeadbeef
Copy link

r0xdeadbeef commented Aug 8, 2022
edited
Loading

reporter/email.go

image

Insecure TLS connection settings configuration. Refer to the occurrence to determine the specific misconfiguration
Our systems detect the following configurations:

Before making changes, consult this compatibility document: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
@r0xdeadbeef r0xdeadbeef added the bug label Aug 8, 2022
@MaineK00n MaineK00n added Discussion and removed bug labels Aug 9, 2022
@MaineK00n
Copy link
Collaborator

MaineK00n commented Aug 9, 2022
edited
Loading

Is what you are trying to say in this issue that we should explicitly write TLS secure settings? (e.g. InsecureSkipVerify: false)

By the way, there is also an Issue/PR that wants to allow InsecureSkipVerify to be freely configurable.
#1220

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Discussion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MaineK00n @r0xdeadbeef