By Ray Bradley
Hi, there, wondering if it’s possible to control which ciphers are available on a DO load balancer (provisioned via Kubernetes). A quick ssllabs.com scan reveals that my LB supports a weak TLS 1.2 cipher (TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA) that I’d like to disable.
Any guidance or experience with this?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Accepted Answer
Hey @raybradley,
I believe that this is not configurable at the time being.
The best thing to do to get your voice heard regarding this would be to head over to our Product Ideas board and post a new idea, including as much information as possible for what you’d like to see implemented.
In the meantime, what you could do is use Cloudflare, that way you could use the free SSL provided by their service and also take advantage of the free DDoS protection and CDN offerings.
Hope that helps!
- Bobby.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.