9a6da86481
Add field tls_versions to pools for restricing TLS versions used. This is a colon-separated string of versions to be used. Available values (as defined in octavia-lib): SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3 Add default_pool_tls_versions in octavia.conf Note: TLSv1.3 connections will use haproxy's default ciphers instead of the listener's tls_ciphers field Change-Id: I480b7fb9756d98ba9dbcdfd1d4b193ce6868e291 Story: 2006733 Task: 37173 Depends-On: Ic33d9b9a256490ae1b048cdfd2475d6340509fdb
8 lines
273 B
YAML
8 lines
273 B
YAML
---
|
|
features:
|
|
- |
|
|
TLS-enabled pools can now be configured to use only specified versions of
|
|
TLS. Default TLS versions for new pools can be set with
|
|
``default_pool_tls_versions`` in ``octavia.conf``. Existing pools
|
|
will continue to use the old defaults.
|