We're updating the issue view to help you get more done.Learn more

Improve TLS Security by moving toward TLSv1.2

Currently the library we use for SSL on the server supports TLSv1.0 and above. However, TLSv1.0 is highly susceptible to attacks, and TLSv1.1 is also susceptible, so we should provide users with the ability to select TLSv1.2

Note: As of 30 Jun 2018, PCI DSS compliance requires the use of something higher than TLSv1.0, preferably TLSv1.2

Status

Mana

2

Assignee

Mattermost Community

Reporter

Paul Rothrock

Epic Link

Fix versions

Mattermost Team

ABC

Sprint

None

QA Assignee

Lindy Isherwood

QA Test Steps

No testing required.