Fix: min tls setting for webhook server #2118

kangsheng89 · 2022-11-16T05:31:47Z

What happened?

default TLS version for webhook server on port 9443 is enabled with TLSv1.0 and TLSv1.1, which are deprecated due to known vulnerabilities and should be avoided.

this can be refer with issues from open-telemetry/opentelemetry-operator#1225

Steps to reproduce

running sslscan on port 9443

Expected behavior

TLSv1.0 and TLSv1.1 should be disable

Relevant log output

No response

Screenshot

this is my local test, where i portforward port 9443 to 10001

Additional context

No response

Jaeger backend version

No response

SDK

No response

Pipeline

No response

Stogage backend

No response

Operating system

No response

Deployment model

No response

Deployment configs

No response

kangsheng89 added the bug Something isn't working label Nov 16, 2022

kangsheng89 mentioned this issue Nov 16, 2022

fix for min tls version to v1.2 #2119

Merged

frzifus closed this as completed in #2119 Nov 22, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix: min tls setting for webhook server #2118

Fix: min tls setting for webhook server #2118

kangsheng89 commented Nov 16, 2022

Fix: min tls setting for webhook server #2118

Fix: min tls setting for webhook server #2118

Comments

kangsheng89 commented Nov 16, 2022

What happened?

Steps to reproduce

Expected behavior

Relevant log output

Screenshot

Additional context

Jaeger backend version

SDK

Pipeline

Stogage backend

Operating system

Deployment model

Deployment configs