-
Bug
-
Resolution: Done-Errata
-
Major
-
None
-
4.12
-
None
Description of problem:
Facing the same issue as JIRA[1] in OCP 4.12 and for the backport this bug solution to the OCP 4.12 JIRA[1]: https://issues.redhat.com/browse/OCPBUGS-14064 As port 9447 is exposed from the cluster in one of the control nodes and is using weak cipher and TLS 1.0/ TLS 1.1 , this is incompatible with the security standards for our product release. Either we should be able to disable this port or update the cipher and TLS version as the fix for meeting the security standards as you are aware TLS 1.0 & TLS 1.1 are pretty old and deprecated already. we confirmed that fips were enabled during cluster deployment by passing the key-value pair in the config file."~~~ fips: true On JIRA[1] it is suggested to open a separate Bug for backporting.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1. 2. 3.
Actual results:
Expected results:
Additional info:
- blocks
-
OCPBUGS-17459 Port 9447 is exposed with a weak cipher and TLS 1.0/TLS 1.1
- Closed
-
OCPBUGS-17208 The Webhook port (9447) is supporting TLS 1.0/1.1
- Closed
- clones
-
OCPBUGS-17038 Port 9447 is exposed with a weak cipher and TLS 1.0/TLS 1.1
- Closed
- is blocked by
-
OCPBUGS-17038 Port 9447 is exposed with a weak cipher and TLS 1.0/TLS 1.1
- Closed
- is cloned by
-
OCPBUGS-17459 Port 9447 is exposed with a weak cipher and TLS 1.0/TLS 1.1
- Closed
- links to
-
RHBA-2023:4603 OpenShift Container Platform 4.13.z bug fix update