Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Support configuration of TLS min and max versions #2848

Closed
2 tasks done
tuminoid opened this issue Mar 7, 2023 · 2 comments
Closed
2 tasks done

Support configuration of TLS min and max versions #2848

tuminoid opened this issue Mar 7, 2023 · 2 comments

Comments

@tuminoid
Copy link
Contributor

tuminoid commented Mar 7, 2023

Preflight Checklist

  • I agree to follow the Code of Conduct that this project adheres to.
  • I have searched the issue tracker for an issue that matches the one I want to file, without success.

Problem Description

Currently Dex only sets TLS min version to TLS1.2, and leaves negotiation of TLS version to Go and to the connecting client. There is no way to configure Dex to only accept TLS 1.3 for example.

Proposed Solution

Dex should support TLS min and max version configuration via config files and command line arguments like --tls-min-version and --tls-max-version commonly found in other projects, such as etcd (PR) and k8s.

Alternatives Considered

No response

Additional Information

No response

@tuminoid
Copy link
Contributor Author

Hello maintainers. Any thoughts on this? Is this something Dex would be willing to support or is there generally adopted way of working around this?

@tuminoid
Copy link
Contributor Author

Implemented in #3303 and released in 2.38.0!

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant