Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-2926

Ability to configure TLS ciphers in oauth-proxy

    XMLWordPrintable

Details

    • False
    • None
    • False
    • Not Selected
    • 0
    • 0% 0%

    Description

      1. Proposed title of this feature request
      Ability to configure TLS ciphers in oauth-proxy

      2. What is the nature and description of the request?
      Certain ciphers are considered insecure and are requested to be dropped by the Federal Office for Information Security (Germany).

      It's therefore requested to have a way to configure TLS ciphers in oauth-proxy based on either OpenShift Container Platform 4 Cluster-wide cryptographic policies or via custom configruation option to apply customization and only have approved ciphers served by oauth-proxy

      3. Why does the customer need this? (List the business requirements here)
      The ciphers considered secure by Federal Office for Information Security (Germany) are listed in BSI TR-02102-2 and companies in Germany are requested and recommended to follow these guidelines as strictly as possible to guarantee secure data exchange. Further in some areas the guidelines are mandatory to be followed and therefore customers have a need to comply accordingly with all tooling in use (including OpenShift Container Platform)

      4. List any affected packages or components.
      oauth-proxy

      Attachments

        Activity

          People

            atelang@redhat.com Anjali Telang
            rhn-support-sreber Simon Reber
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: