COLTP-352928:尽管已启用TLSv1、但仍允许使用它
问题描述
- After disabling TLSv1 on the cluster, some SVM managment LIFs are still accepting the connection:
Cluster::*> security config show -fields supported-protocols interface supported-protocols --------- ------------------- SSL TLSv1.2, TLSv1.3
- TLSv1 is still accepted:
> .\openssl.exe s_client -connect svm-management-lif:443 -tls1 -CAfile "C:\Install\ca.pem" .. SSL-Session: Protocol : TLSv1 Cipher : ECDHE-RSA-AES256-SHA Session-ID: 7C5B1A3F5C9C6D6C7F0A0C1A9D8E7D5B1B3C0A9C1F6C5C4E3B9F5C0A7C6B8D1C6A5C Session-ID-ctx: Master-Key: C1E4A9F3B5C7E6A1D1C7C0E9D2E4A8B5F6A1C3B7E1F0A8D7C1E6B9A2C4E0D8F3B5A6C