status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

📝 Clarify the list of supported TLS cipher suites 

Previously, the documentation linked to Golang's source code, which
can drift from the list of cipher suites supported by Consul. Consul
has a hard-coded mapping of string values to Golang cipher suites, so
this is a more direct source of truth to help users understand which
string values are accepted in the `tls_cipher_suites` configuration
value.
This commit is contained in:
Devin Canterberry 2018-03-13 09:25:03 -07:00
parent 3ed071b4a6
commit 84d650cc4a
No known key found for this signature in database
GPG Key ID: 46A3228937AB74EC
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
website/source/docs/agent/options.html.md
View File

@ -1341,7 +1341,8 @@ Consul will not enable TLS for the HTTP API unless the `https` port has been ass
* <a name="tls_cipher_suites"></a><a href="#tls_cipher_suites">`tls_cipher_suites`</a> Added in Consul
0.8.2, this specifies the list of supported ciphersuites as a comma-separated-list. The list of all
available ciphersuites is available in the [Golang TLS documentation](https://golang.org/src/crypto/tls/cipher_suites.go).
supported ciphersuites is available in the [`tlsutil.ParseCiphers` source as the keys of the `cipherMap`
map](https://github.com/hashicorp/consul/blob/6378d607fd887327cfd1aadccf1ccb683da745b6/tlsutil/config.go#L363).
* <a name="tls_prefer_server_cipher_suites"></a><a href="#tls_prefer_server_cipher_suites">
`tls_prefer_server_cipher_suites`</a> Added in Consul 0.8.2, this will cause Consul to prefer the