Default Cipher Suites for Istio Ingress-Gateway for Min TLS1.2

2k Views Asked by At

Is there a way to check the default cipher suites being used by the Ingress gateway? My gateway has MTLS enabled with minimum TLS version as 1.2.

1

There are 1 best solutions below

3
On BEST ANSWER

Yes, you can find it out by going through the Mutual TLS authentication docs:

Istio configures TLSv1_2 as the minimum TLS version for both client and server with the following cipher suites:

  • CDHE-ECDSA-AES256-GCM-SHA384

  • ECDHE-RSA-AES256-GCM-SHA384

  • ECDHE-ECDSA-AES128-GCM-SHA256

  • ECDHE-RSA-AES128-GCM-SHA256

  • AES256-GCM-SHA384

  • AES128-GCM-SHA256