Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Globally configure min_tls_version and cipher_suites for all connections #5534

Open
jastBytes opened this issue Jan 29, 2024 · 0 comments
Open

Globally configure min_tls_version and cipher_suites for all connections #5534

jastBytes opened this issue Jan 29, 2024 · 0 comments
Labels
t:feature New feature or enhancement request

Comments

@jastBytes
Copy link

Please describe your use case / problem.
For security considerations we would like to define min_tls_version and cipher_suites for all connections made via Emissary Ingress.

Describe the solution you'd like
We would like to enforce min_tls_version and cipher_suites for all connections via Helm Chart or via the Module CRD.

Describe alternatives you've considered
We considered writing a Kyverno policy to mutate all Mappings/Hosts/TLSContext but this is not really feasible.

Additional context
Slack conversation about the topic https://datawire-oss.slack.com/archives/CAULN7S76/p1701079091551359.
@cindymullins-dw cindymullins-dw added the t:feature New feature or enhancement request label Feb 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
t:feature New feature or enhancement request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jastBytes @cindymullins-dw