Unable to use TLS 1.3 - Githubissues

GoogleCloudPlatform / gke-managed-certs

Managed Certificates for Kubernetes clusters using GCLB

Apache License 2.0

246 stars 32 forks source link

Unable to use TLS 1.3 #33

Closed gijo-varghese closed 5 years ago

gijo-varghese commented 5 years ago

The default certificate created uses TLS 1.2. Is there any way to use TLS 1.3?

TLS 1.3 is much faster and browser support is much better than before

krzykwas commented 5 years ago

I believe that the certificate that is provisioned can be used with different versions of TLS protocol, including 1.3. The choice of protocol version should be done on load balancer, though, which in this case is GKE Ingress. As far as I know this is usually done via SSL policies and most probably TLS 1.3. is not yet supported.

gijo-varghese commented 5 years ago

@krzykwas yes, I think TLS 1.3 is not supported yet. Wonder why they're not upgrading it!

krzykwas commented 5 years ago

Even though I have been working closely with the team responsible for GKE Ingress, I will not speculate about their priorities, please ask them.

gijo-varghese commented 5 years ago

@krzykwas ok. But where can I ask them?

krzykwas commented 5 years ago

You could ask on github, Ingress GKE, or through Google support, maybe?