TLSv1.0 upgrade in airflow webserver #51395
Unanswered
BhavyaGarg8
asked this question in
Q&A
Replies: 1 comment
-
|
If you have high security expectations - you should configure your TLS termination on your own - this is a typical practice - since there is no way to make all expectations, certificates etc in airflow - setting up reverse proxy and configuring your security requirements there is the recommended way: #34829 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi, our service is having security findings i.e TLSv1.0 is supported but we need to enusre minimum TLSv1.2. We are using apache airflow and using certs to enable SSL using airflow.cfg. I used the environment variable
export GUNICORN_CMD_ARGS="--ssl-version=5"to force the TLSv1.2 ('5' in python means TLSv1.2). Even after building the docker image and deploying running commandopenssl s_client -connect localhost:8443 -tls1and still get the success although it should show handshake failure.Beta Was this translation helpful? Give feedback.
All reactions