Removed TLSv1.1 from default set of supported protocols (#203856)

## Summary Removed `TLSv1.1` from default set of supported protocols. ### Checklist - [x] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) ## Release Note Removed `TLSv1.1` from default set of supported protocols __Closes: https://github.com/elastic/kibana/issues/184756__ --------- Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
2025-04-24 17:59:23 -04:00 · 2024-12-16 16:27:44 +01:00 · 2024-12-16 16:27:44 +01:00 · a25f1954bf
commit a25f1954bf
parent 5077e6d63d
5 changed files with 4 additions and 5 deletions
--- a/docs/setup/settings.asciidoc
+++ b/docs/setup/settings.asciidoc
@ -565,7 +565,9 @@ all http requests to https over the port configured as <<server-port, `server.po

 [[server-ssl-supportedProtocols]] `server.ssl.supportedProtocols`::
 An array of supported protocols with versions.
-Valid protocols: `TLSv1`, `TLSv1.1`, `TLSv1.2`, `TLSv1.3`. *Default: TLSv1.1, TLSv1.2, TLSv1.3*
+Valid protocols: `TLSv1`, `TLSv1.1`, `TLSv1.2`, `TLSv1.3`. *Default: TLSv1.2, TLSv1.3*
+Enabling `TLSv1.1` would require both setting the `--tls-min-1.1` option in the `node.options` configuration and adding `TLSv1.1` to `server.ssl.supportedProtocols`.
+`HTTP/2` requires the use of minimum `TLSv1.2` for secure connections.

 [[server-uuid]] `server.uuid`::
 The unique identifier for this {kib} instance. It must be a valid UUIDv4. It gets automatically generated on the first startup if not specified and persisted in the `data` path.