Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Undefined
Fix Version/s: CNV v4.22.0
Affects Version/s: None
Component/s: CNV Install, Upgrade and Operators
Labels:
- operator-portfolio
- security

Story Points:
2
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
CNV-74453
Component Fix Version(s):
None
Git Pull Request:
https://github.com/kubevirt/hyperconverged-cluster-operator/pull/4008
Market:

Original story points:
2
Sprint:
CNV I/U Operators Sprint 283, CNV I/U Operators Sprint 284

Regression:
None

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

PX Impact Score:

In HCO, add the TLS security profile configuration to the ConfigMap where of the console-plugin nginx configurations.

Notice that there is no concept of "minimum TLS version" in nginx. instead, there is a list of supported versions. so if the minimal TLS version in TLSv1.2, then the setting should be:

server {
    ...
    ssl_protocols       TLSv1.2 TLSv1.3;
    ...
}

It seems that the ciphers names should also be transform into ngnix format.

is blocked by

CNV-76619 Allow setting the TLSSecurityProfile in the console-plugin pod

Closed

Assignee:: Roni Rabinovitz

Reporter:: Nahshon Unna Tsameret

QA Contact:: Harel Meir

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/12/11 2:22 PM

Updated:: 2026/02/10 2:19 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates