Change default value of FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3 to false

Question

Change default value of FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3 to false

Closed this issue 3 months ago · 0 comments

Release notes mention a known vulnerability when plain HTTP is used and the environment variable FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3 is unset, which default this setting to true. The release notes also mention that the default value for this setting will change to the more secure value of false in the Fabric v2 timeframe.