将自定义密码套件添加到Istio Gateway

本文介绍了将自定义密码套件添加到Istio Gateway的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我在网关上添加了一些自定义密码套件，如下所示:

I have added few custom cipher suites at the gateway like this :

tls:
      mode: MUTUAL
      credentialName: sds
      minProtocolVersion: TLSV1_2
      maxProtocolVersion: TLSV1_3
      cipherSuites: [ECDHE-ECDSA-AES256-GCM-SHA384|ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-RSA-AES256-GCM-SHA384|ECDHE-RSA-AES128-GCM-SHA256|ECDHE-ECDSA-AES256-CBC-SHA384|ECDHE-ECDSA-AES128-CBC-SHA256|ECDHE-RSA-AES256-CBC-SHA384|ECDHE-RSA-AES128-CBC-SHA256]

是否有一种方法可以验证是否确实添加了这些密码套件?它的订购方式是否与我们指定的相同?

Is there a way to validate if these cipher suites have actually been added? Does it order in the same way as we have specified?

推荐答案

以防万一，您仍然想知道正确的格式是:

Just in case you are still wondering the correct format is:

tls:
  mode: MUTUAL
  credentialName: sds
  minProtocolVersion: TLSV1_2
  maxProtocolVersion: TLSV1_3
  cipherSuites:
  - ECDHE-ECDSA-AES256-GCM-SHA384
  - ECDHE-ECDSA-AES128-GCM-SHA256
  - ECDHE-RSA-AES256-GCM-SHA384
  - ECDHE-RSA-AES128-GCM-SHA256
  - ECDHE-ECDSA-AES256-CBC-SHA384
  - ECDHE-ECDSA-AES128-CBC-SHA256
  - ECDHE-RSA-AES256-CBC-SHA384
  - ECDHE-RSA-AES128-CBC-SHA256

这篇关于将自定义密码套件添加到Istio Gateway的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！