mirror of
https://github.com/google/nomulus
synced 2026-03-26 20:35:18 +00:00
f2cfd36b73
The JDK version of SSL has long supported TLS v1.3 (since version 11) so fortunately we can use TLS v1.3 regardless if which implementation of SSL we're using. We prefer OpenSSL in general so I'm not entirely sure why we were using the JDK version of SSL on the proxy before, but this should work and be a good idea regardless. Tested on alpha by running ``` $ openssl s_client -connect epp.registryalpha.foo:700 -tls1_3 -ciphersuites "TLS_AES_128_GCM_SHA256" ``` Previously we'd get a failure, now it returns the proper cert data.