Why does Jitsi support TLS 1.0/1.1?

I was wondering why the Jitsi default configuration supports tls 1.0 / 1.1 even though they are no longer considered secure. Does anyone know what is the reason for this?

1 Like

That shouldn’t be the case. Where have you seen this? It has to be corrected.

The report from https://www.ssllabs.com/ shows that TLS 1.0 / 1.1 is enabled.

And my self hosted instance has the following nginx config (where I thought I had changed nothing).

image

I’ll raise the meet.jit.si issue… We use CloudFlare now, not nginx directly.

As for your self-hoosted instance, this is the new config we apply: jitsi-meet/jitsi-meet.example at 7995c7ed003cf5b381cda3ed41b3fcdcec37f203 · jitsi/jitsi-meet · GitHub

You’ll need to update that manually.

1 Like

All right. As always, thank you very much for the quick and detailed answers! One last question: Why do I have to update it manually? I deployed one of the last docker images (7287-2) and thought I would get the newest settings.

This is the current Docker config: docker-jitsi-meet/ssl.conf at 4372717dc34cd0ce8af6ee5b6b3f0d7d866cf346 · jitsi/docker-jitsi-meet · GitHub any chance you haven’t re-created the container since the upgrade?

It was the wrong file. Sorry! I looked in “nginx.conf” and not in “ssl.conf”.

We updated our config, thanks for the heads up!

1 Like