d47f164a60
Pools can now be each be assigned an OpenSSL cipher string with the field tls_ciphers. A new configuration option, default_pool_ciphers, specifies what cipher string to use for new tls-enabled pools if one is not explicitly specified at time of creation. Change-Id: Iedb7774bfb8d70ea307d6a513248e1fe2389fa34 Depends-On: I77da6f14063877af0077f2c12df1aab5d5ead187 Story: 2006627 Task: 37172
8 lines
399 B
YAML
8 lines
399 B
YAML
---
|
|
features:
|
|
- |
|
|
TLS-enabled pools can now be individually configured with an OpenSSL cipher string.
|
|
The default cipher for new pools can be specified with ``default_pools_ciphers``
|
|
in ``octavia.conf``. The built-in default is OWASP's "Suite B" recommendation. (https://cheatsheetseries.owasp.org/cheatsheets/TLS_Cipher_String_Cheat_Sheet.html)
|
|
Existing pools will be unaffected.
|