Details
-
Bug
-
Resolution: Fixed
-
Major
-
2.3.1
-
None
-
9 - Krakend, 10 - Krackeverlasting, 1 - Levianthanning
-
2
Description
Submitting the following does not work
tls:
|
cipherSuites:
|
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
|
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
|
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
tlsMinimumVersion: TLS1.2 |
It errors with the following error:
{"level":"info","ts":1671206189.2434819,"logger":"cluster","msg":"Reconciliation failed","cluster":"gio-build/cb4-gioapp","error":"unexpected status code: request failed POST http://cb4-gioapp-0014.cb4-gioapp.gio-build.svc:8091/settings/security 400 Bad Request: {\"errors\":[\"cipherSuites - Invalid format. Expecting a list of ciphers.\"]}" |
While the following does work due to the escaped quotation marks making it into the url_encoded request to couchbase api
tls:
|
cipherSuites:
|
- '"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"' |
- '"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"' |
- '"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"' |
- '"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"' |
tlsMinimumVersion: TLS1.2 |
We should fix it so that the quotation marks are added and are not required in the K8S resource, and add testing to ensure that it works appropriately.
Attachments
Issue Links
- blocks
-
K8S-3052 2.4.1 Release Notes
- Resolved