|
|
|
|
@ -2261,9 +2261,11 @@ signed by the CA can be used to gain full access to Consul.
|
|
|
|
|
the hostname we declare. |
|
|
|
|
|
|
|
|
|
- `tls_min_version` Added in Consul 0.7.4, this specifies |
|
|
|
|
the minimum supported version of TLS. Accepted values are "tls10", "tls11", "tls12", |
|
|
|
|
or "tls13". This defaults to "tls12". WARNING: TLS 1.1 and lower are generally |
|
|
|
|
considered less secure; avoid using these if possible. |
|
|
|
|
the minimum supported version of TLS. Accepted values as of Consul 1.11.0 are "TLSv1_0", |
|
|
|
|
"TLSv1_1", "TLSv1_2", or "TLSv1_3". This defaults to "TLSv1_2". WARNING: TLS 1.1 and |
|
|
|
|
lower are generally considered less secure; avoid using these if possible. |
|
|
|
|
Deprecated values of "tls10", "tls11", "tls12" and "tls13" are currently still accepted |
|
|
|
|
but will emit a warning during configuration and will be removed in a future release. |
|
|
|
|
|
|
|
|
|
- `tls_cipher_suites` Added in Consul 0.8.2, this specifies the list of |
|
|
|
|
supported ciphersuites as a comma-separated-list. Applicable to TLS 1.2 and below only. |
|
|
|
|
|
Mike Morris
3 years ago