Disable TLS 1.0 and 1.1 for GAE Python/Django

[CHUAN QIN]

Hi,

I am hosting a Django web app in GAE  (python 2.7). Understand I need to bump to Python 3 asap. 

However currently I have a request from client to disable TLS 1.0 and 1.1 on this web app. Is this achievable from code level, or should I ask help from GCP support? 

Any help is much appreciated.

Thank you!

[Olu]

At the moment, there is really no way to limit communication to TLS 1.2 on your application. To get this done at the moment, I recommend that you contact the GCP Support engineers[1] so that the team could help with disabling these other versions of TLS.

There is a Feature request[2] that was submitted to our product engineers for an implementation that allows a way to select which TLS versions(1.0/1.1/1.2) should be permitted on your App Engine application. The evaluation of this request is ongoing and there is no ETA  at this time. You can bookmark the link for regular updates on this feature. 

[1]https://cloud.google.com/support-hub

[2]https://issuetracker.google.com/80295154

[Hamid Raza]

It is better to contact GCP support. They will take care of it for your project.
And I think that's the recommended way (as I read about it 3-4 months ago).

[CHUAN QIN]

Sure, will do. Tks!