k8ssandra / management-api-for-apache-cassandra

RESTful / Secure Management Sidecar for Apache Cassandra
Apache License 2.0

Add SSL/TLS hot reloading and allow TLS v1.3 #375

Closed burmanm closed 11 months ago

burmanm commented 1 year ago

Currently, the only accepted version of TLS is set to v1.2, although Netty set v1.3 in the default settings already ~2 years ago. Let's remove this restriction and allow connections with 1.3 also.

The other issue is that SslContext is only created on server startup, so it is never refreshed and the certs are never reloaded. We need something to automatically reload them whenever a change happens (as cass-operator would always load from the Secret the latest one - so should we if the secret on the disk has been modified).
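
One way the reload described in this issue could look with Netty, as an added example that is not the project's implementation or its eventual fix. The class name `ReloadingSslContext`, the PEM certificate and PKCS#8 key file inputs, and the choice of polling modification times instead of a file watcher are assumptions; the caller is expected to run `reloadIfChanged()` from a scheduled executor.

```java
import io.netty.buffer.ByteBufAllocator;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.SslHandler;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;

// Hypothetical helper: holds the live SslContext and rebuilds it when the files change.
public final class ReloadingSslContext {
    private final File certChain, privateKey;
    private volatile SslContext current;
    private long lastStamp; // guarded by the synchronized reloadIfChanged()

    public ReloadingSslContext(File certChain, File privateKey) throws IOException {
        this.certChain = certChain;
        this.privateKey = privateKey;
        this.lastStamp = stamp(); // taken before build(), so a later change is never missed
        this.current = build();
    }

    // Call from ChannelInitializer.initChannel: each new connection gets the latest
    // context, while connections that are already open keep the one they started with.
    public SslHandler newHandler(ByteBufAllocator alloc) {
        return current.newHandler(alloc);
    }

    // Run periodically, for example every few seconds from a scheduled executor.
    public synchronized void reloadIfChanged() {
        try {
            long now = stamp();
            if (now == lastStamp) return;
            current = build(); // throws on a half-written file or mismatched cert/key
            lastStamp = now;   // advance only after a successful build, so failures retry
        } catch (IOException | RuntimeException e) {
            System.err.println("TLS reload failed, keeping previous context: " + e);
        }
    }

    private SslContext build() throws IOException {
        // No single-version pin: both TLS 1.3 and TLS 1.2 are offered.
        return SslContextBuilder.forServer(certChain, privateKey)
                .protocols("TLSv1.3", "TLSv1.2").build();
    }

    // getLastModifiedTime follows symlinks, so a swapped Secret mount shows a new time.
    private long stamp() throws IOException {
        return 31 * Files.getLastModifiedTime(certChain.toPath()).toMillis()
                + Files.getLastModifiedTime(privateKey.toPath()).toMillis();
    }
}
```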