fixes #2260 Update tlsVersion to TLSv1.3 by default in client.yml from client-config (#2261)

stevehu · web-flow · commit a9a6e75c794b · 2024-06-13T17:09:01.000-04:00
diff --git a/client-config/src/main/resources/config/client.yml b/client-config/src/main/resources/config/client.yml
@@ -23,9 +23,9 @@ tls:
   keyPass: ${client.keyPass:password}
   # public issued CA cert  password
   defaultCertPassword: ${client.defaultCertPassword:changeit}
-  # TLS version. Default is TSLv1.2, and you can downgrade to TLSv1 to support some internal old servers that support only TLSv1.1(deprecated
-  # and risky). You can also upgrade to TSLv1.3 for maximum security if all your servers support it.
-  tlsVersion: ${client.tlsVersion:TLSv1.2}
+  # TLS version. Default is TSLv1.3, and you can downgrade to TLSv1.2 to support some internal old servers that support only TLSv1.1
+  # and 1.2 (deprecated and risky).
+  tlsVersion: ${client.tlsVersion:TLSv1.3}
 # settings for OAuth2 server communication
 oauth:
   # OAuth 2.0 token endpoint configuration
