Uploaded image for project: 'Maistra'
  1. Maistra
  2. MAISTRA-1792

2.0 SMCP spec.security.controlPlane.tls failed to configure SMCP TLS version, cipherSuites and ecdhCurves

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • maistra-2.0.0
    • maistra-2.0.0
    • None
    • None
    • MAISTRA 2.0.0

      2.0 SMCP spec.security.controlPlane.tls failed to configure SMCP TLS version, cipherSuites and ecdhCurves

      spec.istio.global.tls.minProtocolVersion:

      spec.security.controlPlane.tls.maxProtocolVersion:
      spec.security.controlPlane.tls.cipherSuites:
      spec.security.controlPlane.tls.ecdhCurves:

      change shows SMCP no change

      How to produce:
      1. OCP 4.5.7 with OSSM latest-2.0-qe installed
      2. patch or update SMCP with

      spec.security.controlPlane.tls.minProtocolVersion: TLSv1_2
      spec.security.controlPlane.tls.maxProtocolVersion: TLSv1_2
      spec.security.controlPlane.tls.cipherSuites:
      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256spec.security.controlPlane.tls.ecdhCurves:
      CurveP256, CurveP384

      3. Run testssl script

              yuaxu@redhat.com Yuanlin Xu
              yuaxu@redhat.com Yuanlin Xu
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: