canonical / k8s-dqlite

Dqlite for Kubernetes
Apache License 2.0

SSL Medium Strength Cipher Suites Supported (SWEET32) on K8s dqlite #48

Open ryanwong00 opened 1 year ago

ryanwong00 commented 1 year ago

Hi all,

I am using a MicroK8s 1.27 cluster. We recently used Nessus to do a security scan and it raised a medium threat for 'SSL Medium Strength Cipher Suites Supported (SWEET32)' on port 19001. Is there any way to define the cipher suite or enforce TLS 1.3 in dqlite?

BTW, this vulnerability was not found in MicroK8s 1.23. Using nmap --script ssl-enum-ciphers -p 19001 hostname also showed that 3DES is supported in 1.27 but not in 1.23.

Thanks in advance, Ryan

neoaggelos commented 1 year ago

Hi @ryanwong00, we will be adding a --min-tls-version flag in k8s-dqlite with #49.
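
The effect of a minimum TLS version on the 3DES finding discussed in this thread, as an added Go example that is not part of the thread or of k8s-dqlite's code: an in-memory crypto/tls server is probed by a client that offers only 3DES, the condition the scanner reports. The helper names, the suite lists and the constructed self-signed certificate are assumptions for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

// The two 3DES (64-bit block) suites that crypto/tls implements; both need an RSA key.
var threeDES = []uint16{tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA}

// selfSigned builds a throwaway (constructed) RSA certificate for the in-memory server.
func selfSigned() tls.Certificate {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}
}

// accepts3DES (hypothetical helper) reports whether a server with this version floor and
// TLS 1.2 suite list completes a handshake with a client that offers only 3DES.
func accepts3DES(cert tls.Certificate, minVersion uint16, suites []uint16) bool {
	srv := &tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: minVersion, CipherSuites: suites}
	c, s := net.Pipe()
	defer c.Close()
	defer s.Close()
	go tls.Server(s, srv).Handshake()
	probe := &tls.Config{MaxVersion: tls.VersionTLS12, CipherSuites: threeDES,
		InsecureSkipVerify: true} // constructed probe: tests negotiation, not identity
	return tls.Client(c, probe).Handshake() == nil
}

func main() {
	cert, aes := selfSigned(), []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}
	fmt.Println("TLS 1.2 floor, 3DES listed:", accepts3DES(cert, tls.VersionTLS12, append(aes, threeDES...)))
	fmt.Println("TLS 1.2 floor, AES-GCM only:", accepts3DES(cert, tls.VersionTLS12, aes))
	fmt.Println("TLS 1.3 floor, 3DES listed:", accepts3DES(cert, tls.VersionTLS13, append(aes, threeDES...)))
}
```

A TLS 1.2 floor still negotiates 3DES when the suite is listed, so it needs an explicit suite list as well; TLS 1.3 defines no 3DES suites, so a TLS 1.3 floor removes the finding on its own.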