You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Ability to Disable Specific TLS Versions in F5 BIG-IP Kubernetes Operator
Description
This feature request is to add the capability to disable specific TLS versions in the F5 BIG-IP Kubernetes Operator, allowing users to configure which TLS versions are enabled or disabled.
Actual Problem
Currently, the F5 BIG-IP Kubernetes Operator does not provide an option to selectively disable certain TLS versions. This can be problematic for users who need to comply with security standards or have specific security requirements that mandate the use of certain TLS versions.
Solution Proposed
Add a configuration option to the TLSProfile clientSSLParams that allows users to specify which TLS versions should be enabled or disabled. This will provide users with the flexibility to configure TLS settings according to their security needs.
Alternatives
One alternative could be to manually configure the TLS versions on the F5 BIG-IP device after deployment using the Kubernetes Operator. However, this would be less efficient and could lead to configuration drift.
Additional context
This feature is important for organizations that need to comply with security standards such as PCI DSS, which require the use of specific TLS versions and configurations.
The text was updated successfully, but these errors were encountered:
shkarface
changed the title
Being able to diable TLS1.1 and TLS1.2 in client ssl certificates
Being able to disable specific tls version client ssl certificates
May 6, 2024
Title
Ability to Disable Specific TLS Versions in F5 BIG-IP Kubernetes Operator
Description
This feature request is to add the capability to disable specific TLS versions in the F5 BIG-IP Kubernetes Operator, allowing users to configure which TLS versions are enabled or disabled.
Actual Problem
Currently, the F5 BIG-IP Kubernetes Operator does not provide an option to selectively disable certain TLS versions. This can be problematic for users who need to comply with security standards or have specific security requirements that mandate the use of certain TLS versions.
Solution Proposed
Add a configuration option to the TLSProfile clientSSLParams that allows users to specify which TLS versions should be enabled or disabled. This will provide users with the flexibility to configure TLS settings according to their security needs.
Alternatives
One alternative could be to manually configure the TLS versions on the F5 BIG-IP device after deployment using the Kubernetes Operator. However, this would be less efficient and could lead to configuration drift.
Additional context
This feature is important for organizations that need to comply with security standards such as PCI DSS, which require the use of specific TLS versions and configurations.
The text was updated successfully, but these errors were encountered: