terraform-provider-citrixadc icon indicating copy to clipboard operation
terraform-provider-citrixadc copied to clipboard

Published 20 hours ago verified publisher icon citrix

[FEATURE REQUEST] - order of "ecccurvebindings"

Open adc-nerd opened this issue 1 year ago • 4 comments

Feature Request

Is your feature request related to a problem? Please describe. ECC curve binding order should be honored. There is a difference between: resource "citrixadc_sslprofile" "my_sslprofile" { ecccurvebindings = ["P_256", "P_384", "P_521"] ... } and resource "citrixadc_sslprofile" "my_sslprofile" { ecccurvebindings = ["P_521", "P_384", "P_256"] ... }

Describe the solution you'd like Ecc curve binding order should be observed. Provider need to unbind/bind ecc curves to accomblish binding order.

Additional context ECC curve order is security and performance related.

adc-nerd avatar Jul 03 '23 09:07 adc-nerd

Hey @adc-nerd I just wanted to confirm this, I had a conversation with the internal team here, but I found that the order doesn't make any difference in the ecccurve binding to the sslprofile. Please check this again and update me on this.

rohit-myali avatar Oct 26 '23 11:10 rohit-myali

The curve binding order is security and performance related. It's like cipher order.

https://support.citrix.com/article/CTX205289/ "To change the order, you must first unbind all the curves, and then bind them in the desired order."

adc-nerd avatar Nov 15 '23 15:11 adc-nerd