public inbox for [email protected]
help / color / mirror / Atom feedFrom: John Barker <[email protected]>
To: [email protected]
Subject: Fwd: Enforcing TLS 1.3 as a a minimum version
Date: Mon, 7 Apr 2025 14:29:43 -0400
Message-ID: <CA+7KU8qGkLzzAFJHuJfCe=jZuOG2ZHAWQvgv+oW+5m5ZBNAsOA@mail.gmail.com> (raw)
In-Reply-To: <CA+7KU8pPEXm-EbY0nk3CwiMkM962AMapwghwSAu0QmThnkZoNQ@mail.gmail.com>
References: <CA+7KU8pPEXm-EbY0nk3CwiMkM962AMapwghwSAu0QmThnkZoNQ@mail.gmail.com>
I am running pgAdmin 9.1 in a podman container and am trying to ensure that
TLS 1.3 is the minimum version. I have created an override file and I
know that it is being read at startup but the enforcement of TLS 1.3 is not
happening. I am using this configuration as suggested by the
documentation here: https://docs.gunicorn.org/en/21.2.0/settings.html
Any idea of what to check. I know the file is being parsed because if I
introduce a bad config, it is noted at startup.
Also, where or how is the instance variable for the config defined?
"The callable needs to accept an instance variable for the Config"
The below is a file mapped into the container called gunicorn_config.py
def ssl_context(conf, default_ssl_context_factory):
import ssl
context = default_ssl_context_factory()
context.minimum_version = ssl.TLSVersion.TLSv1_3
return context
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: Fwd: Enforcing TLS 1.3 as a a minimum version
In-Reply-To: <CA+7KU8qGkLzzAFJHuJfCe=jZuOG2ZHAWQvgv+oW+5m5ZBNAsOA@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox