Skip to content

Commit

Permalink
Issue #313: update finesse ingress with recommended ciphers and curves (
Browse files Browse the repository at this point in the history 
#314)
  • Loading branch information
@SonOfLope
SonOfLope authored Jul 23, 2024
1 parent cb93c6c commit 63397f1
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions kubernetes/aks/apps/finesse/public/ingress.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ metadata:
nginx.ingress.kubernetes.io/rewrite-target: /$2 # https://kubernetes.github.io/ingress-nginx/examples/rewrite/
ingress.kubernetes.io/force-ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/ssl-prefer-server-ciphers: "true"
nginx.ingress.kubernetes.io/ssl-ciphers: "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
nginx.ingress.kubernetes.io/ssl-ecdh-curve: "secp256r1:secp384r1:secp521r1"
spec:
ingressClassName: nginx
tls:
Expand Down Expand Up @@ -40,6 +43,9 @@ metadata:
ingress.kubernetes.io/force-ssl-redirect: "true"
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/ssl-prefer-server-ciphers: "true"
nginx.ingress.kubernetes.io/ssl-ciphers: "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"
nginx.ingress.kubernetes.io/ssl-ecdh-curve: "secp256r1:secp384r1:secp521r1"
spec:
ingressClassName: nginx
tls:
Expand Down

0 comments on commit 63397f1

Please sign in to comment.