Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect documentation regarding minimum version of TLS used #6082

Closed
asobti opened this issue Aug 15, 2024 · 1 comment
Closed

Incorrect documentation regarding minimum version of TLS used #6082

asobti opened this issue Aug 15, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@asobti
Copy link

asobti commented Aug 15, 2024

Report

https://keda.sh/docs/2.15/operate/cluster/#http-tls-min-version states that

By default, KEDA uses TLS1.2 as a minimum TLS version given it is the lowest version without vulnerabilities

whereas, https://keda.sh/docs/2.15/reference/faq/#how-do-i-run-keda-with-tls-v1.3-only states that

By default, Keda listens on TLS v1.1 and TLSv1.2, with the default Golang ciphersuites.

As per the code, the former (minimum TLS v1.2) is correct

keda/pkg/util/tls_config.go

Lines 91 to 110 in 367fcd3

func initMinTLSVersion() (uint16, error) {
version, _ := os.LookupEnv("KEDA_HTTP_MIN_TLS_VERSION")
switch version {
case "":
minTLSVersion = tls.VersionTLS12
case "TLS10":
minTLSVersion = tls.VersionTLS10
case "TLS11":
minTLSVersion = tls.VersionTLS11
case "TLS12":
minTLSVersion = tls.VersionTLS12
case "TLS13":
minTLSVersion = tls.VersionTLS13
default:
return tls.VersionTLS12, fmt.Errorf("%s is not a valid value, using `TLS12`. Allowed values are: `TLS13`,`TLS12`,`TLS11`,`TLS10`", version)
}
return minTLSVersion, nil
}

Expected Behavior

Documentation should correctly state that a minimum version of TLSv1.2 is used

Actual Behavior

Documentation states that TLSv1.1 and v1.2 are used

Steps to Reproduce the Problem

NA

Logs from KEDA operator

No response

KEDA Version

2.15.1

Kubernetes Version

None

Platform

None

Scaler Details

No response

Anything else?

No response
@asobti asobti added the bug Something isn't working label Aug 15, 2024
@asobti
Copy link
Author

asobti commented Aug 15, 2024

Closing. This should have been created in the kedacore/keda-docs repo

@asobti asobti closed this as completed Aug 15, 2024
@github-project-automation github-project-automation bot moved this from To Triage to Ready To Ship in Roadmap - KEDA Core Aug 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
Roadmap - KEDA Core
Status: Ready To Ship
Milestone
No milestone
Development

No branches or pull requests
1 participant
@asobti