homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add support for MaxVersion in tls.Options

Browse source
This commit is contained in:
kmeekva 2019-10-29 07:58:05 -04:00 committed by Traefiker Bot
parent 5f8fb6c226
commit 1f39083555
8 changed files with 72 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

51
docs/content/https/tls.md
View file

@ -181,6 +181,57 @@ spec:
minVersion: VersionTLS13
```
### Maximum TLS Version
We discourages the use of this setting to disable TLS1.3.
The right approach is to update the clients to support TLS1.3.
```toml tab="File (TOML)"
# Dynamic configuration
[tls.options]
[tls.options.default]
maxVersion = "VersionTLS13"
[tls.options.maxtls12]
maxVersion = "VersionTLS12"
```
```yaml tab="File (YAML)"
# Dynamic configuration
tls:
options:
default:
maxVersion: VersionTLS13
maxtls12:
maxVersion: VersionTLS12
```
```yaml tab="Kubernetes"
apiVersion: traefik.containo.us/v1alpha1
kind: TLSOption
metadata:
name: default
namespace: default
spec:
maxVersion: VersionTLS13
---
apiVersion: traefik.containo.us/v1alpha1
kind: TLSOption
metadata:
name: maxtls12
namespace: default
spec:
maxVersion: VersionTLS12
```
### Cipher Suites
See [cipherSuites](https://godoc.org/crypto/tls#pkg-constants) for more information.