Correct the POLY1305 cipher suites by adding the suffix _SHA256 (#10641)
parent
de2c4429a4
commit
13e1f33898
|
@ -340,7 +340,7 @@ persistent_volumes_enabled: false
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
# - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||||
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
# - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
# - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||||
|
@ -348,7 +348,7 @@ persistent_volumes_enabled: false
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
# - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||||
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
# - TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
# - TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
||||||
# - TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
# - TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
||||||
# - TLS_RSA_WITH_AES_128_CBC_SHA
|
# - TLS_RSA_WITH_AES_128_CBC_SHA
|
||||||
|
|
|
@ -107,9 +107,7 @@ etcd_retries: 4
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||||
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
|
||||||
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
|
||||||
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
|
|
||||||
# ETCD 3.5.x issue
|
# ETCD 3.5.x issue
|
||||||
|
|
|
@ -203,7 +203,7 @@ secrets_encryption_query: "resources[*].providers[0].{{ kube_encryption_algorith
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
# - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||||
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
# - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
# - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||||
|
@ -211,7 +211,7 @@ secrets_encryption_query: "resources[*].providers[0].{{ kube_encryption_algorith
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
# - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||||
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
# - TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
# - TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
||||||
# - TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
# - TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
||||||
# - TLS_RSA_WITH_AES_128_CBC_SHA
|
# - TLS_RSA_WITH_AES_128_CBC_SHA
|
||||||
|
|
|
@ -223,7 +223,7 @@ azure_cloud: AzurePublicCloud
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
# - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
# - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
|
||||||
# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
# - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||||
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
# - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
# - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
# - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
|
||||||
|
@ -231,7 +231,7 @@ azure_cloud: AzurePublicCloud
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
# - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
# - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
|
||||||
# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
# - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||||
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
# - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
# - TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
# - TLS_ECDHE_RSA_WITH_RC4_128_SHA
|
||||||
# - TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
# - TLS_RSA_WITH_3DES_EDE_CBC_SHA
|
||||||
# - TLS_RSA_WITH_AES_128_CBC_SHA
|
# - TLS_RSA_WITH_AES_128_CBC_SHA
|
||||||
|
|
|
@ -29,7 +29,7 @@ tls_min_version: VersionTLS12
|
||||||
tls_cipher_suites:
|
tls_cipher_suites:
|
||||||
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
|
||||||
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||||
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
|
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
|
||||||
|
|
||||||
# enable encryption at rest
|
# enable encryption at rest
|
||||||
kube_encrypt_secret_data: true
|
kube_encrypt_secret_data: true
|
||||||
|
|
Loading…
Reference in New Issue