scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-29 17:52:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added some notes about TLS and browser Secure Contexts (#26946)

Browse Source 
* Added some notes about TLS and browser Secure Contexts

* Fixed an unrelated indent and color for note

* Bolding word to add visual distinction
This commit is contained in:
Meggie
2024-05-10 16:01:54 -04:00
committed by GitHub
parent 70907cd971
commit a5c9364c68
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
website/content/docs/browser-support.mdx
View File

@@ -17,4 +17,6 @@ Vault currently supports all 'evergreen' and updated browsers. the following bro
!> **Warning**: Using an unsupported browser such as Internet Explorer 11 (IE 11) may cause degradation in feature functionality, and in some cases, Vault features may not operate. We encourage using one of the supported browsers listed for Vault UI.
~> **Note**: Some UI features, such as the [Clipboard](https://developer.mozilla.org/en-US/docs/Web/API/Clipboard), require a [secure context](https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts). They may not function as expected if TLS is not enabled, or for some other reason a secure context is not available.
Please note that HashiCorp, in alignment with Microsoft's stance on IE 11, no longer supports Internet Explorer 11 (IE 11). For further information on IE 11, please reference Microsoft's [support site](https://docs.microsoft.com/en-US/lifecycle/faq/internet-explorer-microsoft-edge).

5
website/content/docs/configuration/listener/tcp.mdx
View File

@@ -148,7 +148,8 @@ default value in the `"/sys/config/ui"` [API endpoint](/vault/api-docs/system/co
- `tls_disable` `(string: "false")` Specifies if TLS will be disabled. Vault
assumes TLS by default, so you must explicitly disable TLS to opt-in to
insecure communication.
insecure communication. Disabling TLS can **disable** some UI functionality. See
the [Browser Support](/vault/docs/browser-support) page for more details.
- `tls_cert_file` `(string: <required-if-enabled>, reloads-on-SIGHUP)`
Specifies the path to the certificate for TLS. It requires a PEM-encoded file.
@@ -176,7 +177,7 @@ default value in the `"/sys/config/ui"` [API endpoint](/vault/api-docs/system/co
- `tls_max_version` `(string: "tls13")` Specifies the maximum supported
version of TLS. Accepted values are "tls10", "tls11", "tls12" or "tls13".
~> **Warning**: TLS 1.1 and lower (`tls10` and `tls11` values for the
~> **Warning**: TLS 1.1 and lower (`tls10` and `tls11` values for the
`tls_min_version` and `tls_max_version` parameters) are widely considered
insecure.