Hi Gary AFAIK, I think cloudstack has disabled anything below TLS v1.2 from 4.11.0 release
https://github.com/apache/cloudstack/pull/2480 https://issues.apache.org/jira/browse/CLOUDSTACK-10319 [https://opengraph.githubassets.com/2b9813d128412ed49741e9c7523f4d3fb466d19b3c3b290539fb876ba1bcf0a9/apache/cloudstack/pull/2480]<https://github.com/apache/cloudstack/pull/2480> CLOUDSTACK-10319: Prefer TLSv1.2, deprecate TLSv1.0,1.1 by rohityadavcloud · Pull Request #2480 · apache/cloudstack<https://github.com/apache/cloudstack/pull/2480> This deprecates and remove TLS 1.0 and 1.1 from preferred list of protocols and keeps only TLSv1.2. @blueorangutan package github.com Regards Kiran ________________________________ From: Gary Dixon <[email protected]> Sent: 07 March 2023 17:35 To: [email protected] <[email protected]> Subject: Console Proxy VM TLS version and cipher suites Hi all Is there a way of limiting the console proxy to allow nothing below TLS v1.2, 1.3 and only allow strong cipher suites – we are failing a PEN test currently and need to strengthen the CPVM security ? TIA Gary Gary Dixon Senior Technical Consultant T: +44 161 537 4990 E: v<tel:+44%207989717661>ms@quadris‑support.com W: www.quadris.co.uk [cid:[email protected]] The information contained in this e-mail from Quadris may be confidential and privileged for the private use of the named recipient. The contents of this e-mail may not necessarily represent the official views of Quadris. If you have received this information in error you must not copy, distribute or take any action or reliance on its contents. Please destroy any hard copies and delete this message.
