Backport tls 1.3 support.

Signed-off-by: James Blair <mail@jamesblair.net>
2023-03-15 14:10:14 +13:00
parent 6ddb23ce7a
commit 358bcf3fb6
10 changed files with 357 additions and 11 deletions
--- a/server/etcdmain/help.go
+++ b/server/etcdmain/help.go
@ -174,6 +174,10 @@ Security:
    Comma-separated whitelist of origins for CORS, or cross-origin resource sharing, (empty or * means allow all).
  --host-whitelist '*'
    Acceptable hostnames from HTTP client requests, if server is not secure (empty or * means allow all).
+  --tls-min-version 'TLS1.2'
+    Minimum TLS version supported by etcd. Possible values: TLS1.2, TLS1.3.
+  --tls-max-version ''
+    Maximum TLS version supported by etcd. Possible values: TLS1.2, TLS1.3 (empty will be auto-populated by Go).

 Auth:
  --auth-token 'simple'