Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: 4.18.0
Component/s: Etcd
Labels:
- api

Severity:
Important
Regression:
None
Epic Link:
Enable TLS v1.3
Release Blocker:
Rejected
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Type:
Release Note Not Required
Release Note Status:
In Progress
Target Version:

4.19.0
Target Backport Versions:

4.17.z, 4.16.z, 4.18.0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

If we try to enable a Modern TLS profile:

EnvVarControllerDegraded: no supported cipherSuites not found in observedConfig

also, if we do manage to pass along the Modern TLS profile cipher suit, we see:

http2: TLSConfig.CipherSuites is missing an HTTP/2-required AES_128_GCM_SHA256 cipher (need at least one of TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 or TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256)

links to

openshift/cluster-etcd-operator#1364: OCPBUGS-43748: ensure tls min version and cipher suites specified on etcd pod containers

RHEA-2024:6122 OpenShift Container Platform 4.18.z bug fix update

Assignee:: Luis Sanchez

Reporter:: Luis Sanchez

QA Contact:: Ge Liu

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2024/10/23 2:26 PM

Updated:: 2024/12/24 7:42 AM