mirror of
https://github.com/opentofu/opentofu.git
synced 2024-12-25 08:21:07 -06:00
group obsolete TLS features in upgrade guide
This commit is contained in:
parent
6e70577a87
commit
0855561db0
@ -15,7 +15,7 @@ small number of users. Specifically, the following updates may require additiona
|
||||
* [terraform-credentials-env functionality is built into the Terraform CLI](#the-terraform-credentials-env-functionality-is-built-into-the-terraform-cli)
|
||||
* [Terraform requires Linux kernel 2.6.32 or later](#terraform-requires-linux-kernel-2-6-32-or-later)
|
||||
* [Remote servers must support TLSv1.2](#remote-servers-must-support-tlsv1-2)
|
||||
* [TLS Certificates signed with SHA-1 are no longer supported](#tls-certificates-signed-with-sha-1-are-no-longer-supported)
|
||||
* [Obsolete TLS features are no longer supported](#obsolete-tls-features-are-no-longer-supported)
|
||||
|
||||
## The `terraform-credentials-env` Functionality is Built Into the Terraform CLI
|
||||
|
||||
@ -32,13 +32,15 @@ The Terraform runtime no longer supports Linux kernels prior to
|
||||
require distributions using kernel 2.6.32 or later. The CLI behavior on earlier
|
||||
kernel versions is undefined.
|
||||
|
||||
## Remote Servers Must Support TLSv1.2
|
||||
## Obsolete TLS Features Are No Longer Supported
|
||||
|
||||
Terraform now requires the server to support TLS v1.2 when making outgoing HTTPS or other TLS connections as a client. TLS v1.0 and v1.1 are no longer
|
||||
supported. All up-to-date servers should support TLS 1.2, and mainstream
|
||||
web browsers have required it since 2020.
|
||||
|
||||
## TLS Certificates Signed With SHA-1 Are No Longer Supported
|
||||
|
||||
Terraform will no longer accept CA certificates signed using the SHA-1 hash function when making outgoing HTTPS or other TLS connections as a client. Publicly-trusted Certificate Authorities have not issued SHA-1 certificates since 2015.
|
||||
|
||||
This change only affects requests made by Terraform Core itself, which includes
|
||||
provider installation, module installation, and interactions with your
|
||||
configured backend. Terraform provider plugins are separate programs which have
|
||||
their own rules about which TLS versions are supported.
|
||||
|
Loading…
Reference in New Issue
Block a user