F5Networks / k8s-bigip-ctlr

Repository for F5 Container Ingress Services for Kubernetes & OpenShift.
Apache License 2.0

Being able to disable specific TLS version client SSL certificates #3407

Open shkarface opened 2 months ago

shkarface commented 2 months ago

Title

Ability to Disable Specific TLS Versions in F5 BIG-IP Kubernetes Operator

Description

This feature request is to add the capability to disable specific TLS versions in the F5 BIG-IP Kubernetes Operator, allowing users to configure which TLS versions are enabled or disabled.

Actual Problem

Currently, the F5 BIG-IP Kubernetes Operator does not provide an option to selectively disable certain TLS versions. This can be problematic for users who need to comply with security standards or have specific security requirements that mandate the use of certain TLS versions.

Solution Proposed

Add a configuration option to the TLSProfile clientSSLParams that allows users to specify which TLS versions should be enabled or disabled. This will provide users with the flexibility to configure TLS settings according to their security needs.

Alternatives

One alternative could be to manually configure the TLS versions on the F5 BIG-IP device after deployment using the Kubernetes Operator. However, this would be less efficient and could lead to configuration drift.

Additional context

This feature is important for organizations that need to comply with security standards such as PCI DSS, which require the use of specific TLS versions and configurations.

trinaths commented 1 month ago

Created [CONTCNTR-4717] for internal tracking.