diff --git a/changelogs/unreleased/sh-enable-tls-1-3.yml b/changelogs/unreleased/sh-enable-tls-1-3.yml new file mode 100644 index 0000000000000000000000000000000000000000..3c15ca777b0682b73f5537c4baab2e88f402f704 --- /dev/null +++ b/changelogs/unreleased/sh-enable-tls-1-3.yml @@ -0,0 +1,5 @@ +--- +title: Enable TLS v1.3 in NGINX +merge_request: 883 +author: +type: changed diff --git a/values.yaml b/values.yaml index e95e55dc7f628f2090d382a875a2c03873cfea57..7a7df86e622c3d5c8803febccf2d5185f5498af3 100644 --- a/values.yaml +++ b/values.yaml @@ -348,7 +348,7 @@ nginx-ingress: enable-vts-status: "true" use-http2: "false" ssl-ciphers: "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4" - ssl-protocols: "TLSv1.1 TLSv1.2" + ssl-protocols: "TLSv1.1 TLSv1.2 TLSv1.3" server-tokens: "false" extraArgs: force-namespace-isolation: ""