 cd176e55c5
			
		
	
	cd176e55c5
	
	
	
		
			
			Listeners will now be able to each be assigned their own OpenSSL cipher string with a new field: tls_ciphers. There is also a new configuration option, default_listener_ciphers, which specifies the cipher string to assign to new listeners when one is not explicitly specified. Change-Id: I77da6f14063877af0077f2c12df1aab5d5ead187 Depends-On: Id5f4c20abd40dd092558a711987953012d4ae67f Story: 2006627 Task: 36839
		
			
				
	
	
		
			7 lines
		
	
	
		
			420 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			7 lines
		
	
	
		
			420 B
		
	
	
	
		
			YAML
		
	
	
	
	
	
| ---
 | |
| features:
 | |
|   - |
 | |
|     HTTPS-terminated listeners can now be individually configured with an OpenSSL cipher string.
 | |
|     The default cipher string for new listeners can be specified with ``default_tls_ciphers``
 | |
|     in ``octavia.conf``. The built-in default is OWASP's "Suite B" recommendation. (https://cheatsheetseries.owasp.org/cheatsheets/TLS_Cipher_String_Cheat_Sheet.html)
 | |
|     Existing listeners will be unaffected. |