diff --git a/docs/content/https/tls.md b/docs/content/https/tls.md index 0323eb2e6..505043259 100644 --- a/docs/content/https/tls.md +++ b/docs/content/https/tls.md @@ -392,11 +392,11 @@ spec: ### Curve Preferences -This option allows to set the preferred elliptic curves in a specific order. +This option allows to set the enabled elliptic curves for key exchange. The names of the curves defined by [`crypto`](https://godoc.org/crypto/tls#CurveID) (e.g. `CurveP521`) and the [RFC defined names](https://tools.ietf.org/html/rfc8446#section-4.2.7) (e. g. `secp521r1`) can be used. -See [CurveID](https://godoc.org/crypto/tls#CurveID) for more information. +See [CurvePreferences](https://godoc.org/crypto/tls#Config.CurvePreferences) and [CurveID](https://godoc.org/crypto/tls#CurveID) for more information. ```yaml tab="File (YAML)" # Dynamic configuration diff --git a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml index 6f901cb57..b5c41bb8c 100644 --- a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml +++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml @@ -1886,7 +1886,7 @@ spec: type: object curvePreferences: description: |- - CurvePreferences defines the preferred elliptic curves in a specific order. + CurvePreferences defines the preferred elliptic curves. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string @@ -4316,7 +4316,7 @@ spec: type: object curvePreferences: description: |- - CurvePreferences defines the preferred elliptic curves in a specific order. + CurvePreferences defines the preferred elliptic curves. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string diff --git a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml index daa25640d..6c7fdc914 100644 --- a/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.containo.us_tlsoptions.yaml @@ -78,7 +78,7 @@ spec: type: object curvePreferences: description: |- - CurvePreferences defines the preferred elliptic curves in a specific order. + CurvePreferences defines the preferred elliptic curves. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string diff --git a/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml b/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml index 0fdd05bc4..20f817125 100644 --- a/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml +++ b/docs/content/reference/dynamic-configuration/traefik.io_tlsoptions.yaml @@ -78,7 +78,7 @@ spec: type: object curvePreferences: description: |- - CurvePreferences defines the preferred elliptic curves in a specific order. + CurvePreferences defines the preferred elliptic curves. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string diff --git a/docs/content/routing/providers/kubernetes-crd.md b/docs/content/routing/providers/kubernetes-crd.md index 20e67ce2a..cf168ff91 100644 --- a/docs/content/routing/providers/kubernetes-crd.md +++ b/docs/content/routing/providers/kubernetes-crd.md @@ -1644,7 +1644,7 @@ or referencing TLS options in the [`IngressRoute`](#kind-ingressroute) / [`Ingre | [2] | `minVersion` | Defines the [minimum TLS version](../../https/tls.md#minimum-tls-version) that is acceptable. | | [3] | `maxVersion` | Defines the [maximum TLS version](../../https/tls.md#maximum-tls-version) that is acceptable. | | [4] | `cipherSuites` | list of supported [cipher suites](../../https/tls.md#cipher-suites) for TLS versions up to TLS 1.2. | -| [5] | `curvePreferences` | List of the [elliptic curves references](../../https/tls.md#curve-preferences) that will be used in an ECDHE handshake, in preference order. | +| [5] | `curvePreferences` | List of the [elliptic curves references](../../https/tls.md#curve-preferences) that will be used in an ECDHE handshake. | | [6] | `clientAuth` | determines the server's policy for TLS [Client Authentication](../../https/tls.md#client-authentication-mtls). | | [7] | `clientAuth.secretNames` | list of names of the referenced Kubernetes [Secrets](https://kubernetes.io/docs/concepts/configuration/secret/) (in TLSOption namespace). The secret must contain a certificate under either a `tls.ca` or a `ca.crt` key. | | [8] | `clientAuth.clientAuthType` | defines the client authentication type to apply. The available values are: `NoClientCert`, `RequestClientCert`, `VerifyClientCertIfGiven` and `RequireAndVerifyClientCert`. | diff --git a/integration/fixtures/k8s/01-traefik-crd.yml b/integration/fixtures/k8s/01-traefik-crd.yml index 6f901cb57..b5c41bb8c 100644 --- a/integration/fixtures/k8s/01-traefik-crd.yml +++ b/integration/fixtures/k8s/01-traefik-crd.yml @@ -1886,7 +1886,7 @@ spec: type: object curvePreferences: description: |- - CurvePreferences defines the preferred elliptic curves in a specific order. + CurvePreferences defines the preferred elliptic curves. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string @@ -4316,7 +4316,7 @@ spec: type: object curvePreferences: description: |- - CurvePreferences defines the preferred elliptic curves in a specific order. + CurvePreferences defines the preferred elliptic curves. More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences items: type: string diff --git a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsoption.go index 0e6e2274d..74aba1a91 100644 --- a/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/traefikcontainous/v1alpha1/tlsoption.go @@ -34,7 +34,7 @@ type TLSOptionSpec struct { // CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites CipherSuites []string `json:"cipherSuites,omitempty"` - // CurvePreferences defines the preferred elliptic curves in a specific order. + // CurvePreferences defines the preferred elliptic curves. // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences CurvePreferences []string `json:"curvePreferences,omitempty"` // ClientAuth defines the server's policy for TLS Client Authentication. diff --git a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go index 0e6e2274d..74aba1a91 100644 --- a/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go +++ b/pkg/provider/kubernetes/crd/traefikio/v1alpha1/tlsoption.go @@ -34,7 +34,7 @@ type TLSOptionSpec struct { // CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#cipher-suites CipherSuites []string `json:"cipherSuites,omitempty"` - // CurvePreferences defines the preferred elliptic curves in a specific order. + // CurvePreferences defines the preferred elliptic curves. // More info: https://doc.traefik.io/traefik/v2.11/https/tls/#curve-preferences CurvePreferences []string `json:"curvePreferences,omitempty"` // ClientAuth defines the server's policy for TLS Client Authentication.