Forcing Logstash to use TLS 1_2


Is it possible to force Logstash (TCP_INPUT) into using TLS v.1.2 only?
Beats Input is actually using 1_2 but sadly my TCP input is using 1.0, 1.1 and 1.2.
Also, while starting Logstash I see:

    ssl.enabled.protocols = [TLSv1.2, TLSv1.1, TLSv1]

Is there any way to force Logstash into using TLSv1.2 and only this one?

Which JRE are you using (vendor and version)?

1 Like

openjdk version "1.8.0_222"
OpenJDK Runtime Environment (build 1.8.0_222-b10)
OpenJDK 64-Bit Server VM (build 25.222-b10, mixed mode)

There is a request to enable this within logstash. Otherwise you need to do it in the JRE. Does this help? To be honest I doubt it will ever get added to logstash because anyone who cares about disabling 1.1 will be comfortable doing it globally in the JRE.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.