charts icon indicating copy to clipboard operation
charts copied to clipboard

Published 20 hours ago verified publisher icon jfrog

[artifactory-ha] update nginx TLS config

Open dhutty opened this issue 4 years ago • 1 comments

PR Checklist

[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]

  • [x] Chart Version bumped
  • [x] CHANGELOG.md updated
  • [x] Variables and other changes are documented in the README.md
  • [x] Title of the PR starts with chart name (e.g. [artifactory])

What this PR does / why we need it: As discussed with [email protected], this brings the nginx TLS config into line with the "Intermediate" recommendations from https://ssl-config.mozilla.org

Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #

Special notes for your reviewer:

dhutty avatar Sep 16 '20 20:09 dhutty

Artifactory has many other, older clients that use it. Much more than web browsers. Some of these are fairly old, and we try and keep support for a fairly wide range of clients. I'm worried that this change might actually break this. I suggest you wrap this configuration in an if clause with an option to select turning it on or off. I'll also take it internally to see if we can verify this somehow.

eldada avatar Sep 17 '20 06:09 eldada