opentelemetry-cpp icon indicating copy to clipboard operation
opentelemetry-cpp copied to clipboard

Published 20 hours ago verified publisher icon open-telemetry

[SECURITY] Remove OTLP HTTP support for TLS 1.0 and TLS 1.1, require TLS 1.2

Open marcalff opened this issue 7 months ago • 1 comments

Fixes #2721

Changes

Please provide a brief description of the changes here.

  • Remove support for min/max TLS 1.0 in the OTLP HTTP exporter
  • Remove support for min/max TLS 1.1 in the OTLP HTTP exporter
  • Require TLS 1.2 or better by default
  • This complies with https://www.ietf.org/rfc/rfc8996.html

For significant contributions please make sure you have completed the following items:

  • [X] CHANGELOG.md updated for non-trivial changes
  • [ ] Unit tests have been added
  • [ ] Changes in public API reviewed

marcalff avatar Jun 27 '24 13:06 marcalff