Add 1.3.0 upgrade guide (#7881)
This commit is contained in:
parent
e3e35e7bc4
commit
23a22809fa
31
website/source/docs/upgrading/upgrade-to-1.3.0.html.md
Normal file
31
website/source/docs/upgrading/upgrade-to-1.3.0.html.md
Normal file
|
@ -0,0 +1,31 @@
|
|||
---
|
||||
layout: "docs"
|
||||
page_title: "Upgrading to Vault 1.3.0 - Guides"
|
||||
sidebar_title: "Upgrade to 1.3.0"
|
||||
sidebar_current: "docs-upgrading-to-1.3.0"
|
||||
description: |-
|
||||
This page contains the list of deprecations and important or breaking changes
|
||||
for Vault 1.3.0. Please read it carefully.
|
||||
---
|
||||
|
||||
# Overview
|
||||
|
||||
This page contains the list of deprecations and important or breaking changes
|
||||
for Vault 1.3.0 compared to 1.2.4. Please read it carefully.
|
||||
|
||||
## Secondary cluster activation
|
||||
|
||||
There has been a change to the way that activating performance and DR secondary
|
||||
clusters works when using public keys for encryption of the parameters rather
|
||||
than a wrapping token. This flow was experimental and never documented. It is
|
||||
now officially supported and documented but is not backwards compatible with
|
||||
older Vault releases.
|
||||
|
||||
## Cluster cipher suites
|
||||
|
||||
On its cluster port, Vault will no longer advertise the full TLS 1.2 cipher
|
||||
suite list by default. Although this port is only used for Vault-to-Vault
|
||||
communication and would always pick a strong cipher, it could cause false flags
|
||||
on port scanners and other security utilities that assumed insecure ciphers were
|
||||
being used. The previous behavior can be achieved by setting the value of the
|
||||
(undocumented) cluster_cipher_suites config flag to tls12.
|
|
@ -376,7 +376,8 @@
|
|||
'upgrade-to-1.1.2',
|
||||
'upgrade-to-1.2.0',
|
||||
'upgrade-to-1.2.1',
|
||||
'upgrade-to-1.2.4'
|
||||
'upgrade-to-1.2.4',
|
||||
'upgrade-to-1.3.0'
|
||||
]
|
||||
},
|
||||
'----------------',
|
||||
|
|
Loading…
Reference in a new issue