Rosbridge / Websocket (Melodic) -> How can I disable TLS 1.0 and 1.1?
Hello,
Unfortunately, TLS version 1.0 and 1.1 is activated on our Rosbridge / Websocket port 9090. We connect via Google Chrome with TLS version 1.3 and with Internet Explorer with version 1.2, but a vulnerability scan revealed TLS version 1.0 at port 9090 and that is a problem.
We use Ubuntu 18.04 and ROS Melodic. Start the Rosbridge / Websocket with a ROS Launchfile and give the arguments SSL True and Cert- and Keyfiles at the start. Unfortunately I can't find any arguments for the TLS version.
How can I deactivate TLS versions 1.0 and 1.1 on Rosbridge / Websocket?
Greetings Bernde
afaik,
rosbridgeuses Autobahn for its websocket infrastructure. You may want to see whether Autobahn provides any knobs to tune.I have now asked Python Autobahn, but have not yet received an answer. Does any of you know where the Python Autobahn files are or where I can find them in Ubuntu 18.04? Can these be found somewhere in the ROS structures or in the Python structures?
Afaik Autobahn is a system dependency, not a ROS package.
So this would be the default location for Python packages on your system.