Webserver headers and ciphers

I’m using z2jh for a small cluster and we need to adjust web-server level config options including

  1. HSTS
  2. SSL Cipher Suites

Does someone know what the appropriate entrypoint for making those changes would be in a typical z2jh stack?


OK - I think I figured out how to set this in the Kubernetes Ingress. I think that makes this out of scope for the z2jh setup.

If you have a link to your config or a snippet that would be somethinng useful to post so that people from the future with a similar question can find it, even if it is out of scope :slight_smile:

Sure thing - I used the ConfigMap for ingress-nginx. See:

HSTS: https://github.com/kubernetes/ingress-nginx/blob/041a8457aa8253cfaa370817c02cb1faa2ad5a28/docs/user-guide/nginx-configuration/configmap.md#hsts
SSL Ciphers: https://github.com/kubernetes/ingress-nginx/blob/041a8457aa8253cfaa370817c02cb1faa2ad5a28/docs/user-guide/nginx-configuration/configmap.md#ssl-ciphers

1 Like