baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Remove TLS cipher suites for TLS minVersion 1.3

Browse source
This commit is contained in:
rYR79435 2020-02-17 17:38:05 +01:00 committed by GitHub
parent 86407871e6
commit ef504f3eba
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
docs/content/migration/v1-to-v2.md
View file

@ -236,11 +236,8 @@ Then, a [router's TLS field](../routing/routers/index.md#tls) can refer to one o
keyFile = "/path/to/domain.key" keyFile = "/path/to/domain.key"
[tls.options] [tls.options]
[tls.options.default]
minVersion = "VersionTLS12"
[tls.options.myTLSOptions] [tls.options.myTLSOptions]
minVersion = "VersionTLS13" minVersion = "VersionTLS12"
cipherSuites = [ cipherSuites = [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
@ -267,7 +264,7 @@ Then, a [router's TLS field](../routing/routers/index.md#tls) can refer to one o
keyFile: /path/to/domain.key keyFile: /path/to/domain.key
options: options:
myTLSOptions: myTLSOptions:
minVersion: VersionTLS13 minVersion: VersionTLS12
cipherSuites: cipherSuites:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
@ -286,7 +283,7 @@ Then, a [router's TLS field](../routing/routers/index.md#tls) can refer to one o
namespace: default namespace: default
spec: spec:
minVersion: VersionTLS13 minVersion: VersionTLS12
cipherSuites: cipherSuites:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305