mirror of https://github.com/status-im/consul.git
📝 Clarify the list of supported TLS cipher suites
Previously, the documentation linked to Golang's source code, which can drift from the list of cipher suites supported by Consul. Consul has a hard-coded mapping of string values to Golang cipher suites, so this is a more direct source of truth to help users understand which string values are accepted in the `tls_cipher_suites` configuration value.
This commit is contained in:
parent
3ed071b4a6
commit
84d650cc4a
|
@ -1341,7 +1341,8 @@ Consul will not enable TLS for the HTTP API unless the `https` port has been ass
|
||||||
|
|
||||||
* <a name="tls_cipher_suites"></a><a href="#tls_cipher_suites">`tls_cipher_suites`</a> Added in Consul
|
* <a name="tls_cipher_suites"></a><a href="#tls_cipher_suites">`tls_cipher_suites`</a> Added in Consul
|
||||||
0.8.2, this specifies the list of supported ciphersuites as a comma-separated-list. The list of all
|
0.8.2, this specifies the list of supported ciphersuites as a comma-separated-list. The list of all
|
||||||
available ciphersuites is available in the [Golang TLS documentation](https://golang.org/src/crypto/tls/cipher_suites.go).
|
supported ciphersuites is available in the [`tlsutil.ParseCiphers` source as the keys of the `cipherMap`
|
||||||
|
map](https://github.com/hashicorp/consul/blob/6378d607fd887327cfd1aadccf1ccb683da745b6/tlsutil/config.go#L363).
|
||||||
|
|
||||||
* <a name="tls_prefer_server_cipher_suites"></a><a href="#tls_prefer_server_cipher_suites">
|
* <a name="tls_prefer_server_cipher_suites"></a><a href="#tls_prefer_server_cipher_suites">
|
||||||
`tls_prefer_server_cipher_suites`</a> Added in Consul 0.8.2, this will cause Consul to prefer the
|
`tls_prefer_server_cipher_suites`</a> Added in Consul 0.8.2, this will cause Consul to prefer the
|
||||||
|
|
Loading…
Reference in New Issue