Disable TLSv1.0 by default #36021
Description
TLSv1.0 is an older protocol that has known security issues. Given the age of this protocol and support for TLSv1.1 and TLSv1.2, we should disable TLSv1.0 by default. A user will still be able to enable TLSv1.0 if they have a need for this.
As part of this, in 6.x we need to provide a deprecation warning when a connection is made with the TLSv1.0 protocol.
Tasks
- Revmoe TLS 1.0 from defaults in 7.0 Remove TLS 1.0 as a default SSL protocol #37512
- Add deprecation warnings / logs if TLS 1.0 is used in 6.x Issue deprecation warning if TLSv1.0 is used without explicit config #37788
- Add TLS 1.0 warning to deprecation / migration API Add TLS version changes to deprecation checks #37793