Validating in use Cipher Suites used by VMware Aria Automation & Automation Orchestrator 8.x
search cancel

Validating in use Cipher Suites used by VMware Aria Automation & Automation Orchestrator 8.x

book

Article ID: 326112

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

This article provides a means to validate which Cipher Suites are configured for the TLS configuration used by VMware Aria Automation & Automation Orchestrator 8.x

Environment

VMware Aria Automation 8.x
VMware Aria Automation Orchestrator 8.x

Resolution

Prerequisites

  • You have SSH access to the appliances running in the cluster.
  • You have root username and password for each node in the cluster.

Procedure

  1. SSH into each node in the cluster:
  2. Run the following command to view the contents of the values.yaml file for the ingress controller: 
    cat /opt/charts/ingress-ctl/values.yaml

 

  1. Isolate the values located under ssl > cipherSuites.

Example:
Note: These values were pulled from an 8.12.1 environment. Be sure to validate each version or if this is a FIPS enabled cluster.

ssl:
  enforced: false
  # https://docs.traefik.io/configuration/entrypoints/#specify-minimum-tls-version
  tlsMinVersion: VersionTLS12
  cipherSuites: [
        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
        "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305"
      ]
Powered by Wolken Software