K8S TLS
Test whether a TLS version is supported
curl -v --tlsv1.1 --tls-max 1.1 https://mip-atjs.fdcyun.com:9443/apigate/msg/bi2mip
curl -v --tlsv1.1 --tls-max 1.2 https://mip-atjs.fdcyun.com:9443/apigate/msg/bi2mip
Check the highest supported version in a browser

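Alibaba Cloud solution
Ingress-Nginx supports TLS v1.2 and v1.3 by default. For some older browsers, or mobile clients whose TLS version is lower than 1.2, the client reports an error during SSL version negotiation with the Ingress-Nginx service.
Edit the kube-system/nginx-configuration ConfigMap and add the following configuration to enable support for more TLS versions in Ingress-Nginx. For the detailed procedure, see T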
ssl-ciphers: "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA"
ssl-protocols: "TLSv1 TLSv1.1 TLSv1.2 TLSv1.3"
openssl s_client -connect mip-atjs.fdcyun.com:9443 -tls1_3
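
The configuration above re-enables TLS 1.0/1.1 and lists CBC, static-RSA and 3DES suites next to the modern ones. The following added example (not from the original post or from Alibaba Cloud's documentation) classifies the page's ssl-protocols and ssl-ciphers values to show which entries exist only for legacy clients; the function names and the name-based heuristics are assumptions of this example.

```python
"""Added example: audit the ssl-protocols / ssl-ciphers values shown above."""

# Values copied from the ConfigMap snippet on this page.
SSL_PROTOCOLS = "TLSv1 TLSv1.1 TLSv1.2 TLSv1.3"
SSL_CIPHERS = ":".join([
    "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-ECDSA-AES256-GCM-SHA384", "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-CHACHA20-POLY1305", "ECDHE-RSA-CHACHA20-POLY1305",
    "DHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-CHACHA20-POLY1305", "ECDHE-ECDSA-AES128-SHA256",
    "ECDHE-RSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA",
    "ECDHE-RSA-AES128-SHA", "ECDHE-ECDSA-AES256-SHA384",
    "ECDHE-RSA-AES256-SHA384", "ECDHE-ECDSA-AES256-SHA",
    "ECDHE-RSA-AES256-SHA", "DHE-RSA-AES128-SHA256",
    "DHE-RSA-AES256-SHA256", "AES128-GCM-SHA256", "AES256-GCM-SHA384",
    "AES128-SHA256", "AES256-SHA256", "AES128-SHA", "AES256-SHA",
    "DES-CBC3-SHA",
])
LEGACY_PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1"}  # deprecated by RFC 7568 / RFC 8996


def classify_cipher(name):
    """Return the weaknesses of one OpenSSL-style cipher name (heuristic)."""
    issues = []
    if "DES-CBC3" in name:
        issues.append("3DES: 64-bit block cipher")
    # Assumption: in this list, a name without an (EC)DHE prefix uses static RSA.
    if not name.startswith(("ECDHE-", "DHE-")):
        issues.append("no forward secrecy")
    if "GCM" not in name and "CHACHA20" not in name:
        issues.append("CBC mode, not AEAD")
    return issues


def audit(protocols, ciphers):
    """Split a ConfigMap's TLS settings into legacy and modern parts."""
    names = [c for c in ciphers.split(":") if c]
    weak = {c: classify_cipher(c) for c in names if classify_cipher(c)}
    return {
        "legacy_protocols": [p for p in protocols.split() if p in LEGACY_PROTOCOLS],
        "weak_ciphers": weak,
        "modern_ciphers": [c for c in names if c not in weak],
    }


if __name__ == "__main__":
    report = audit(SSL_PROTOCOLS, SSL_CIPHERS)
    print("legacy protocols:", report["legacy_protocols"])
    for cipher, issues in report["weak_ciphers"].items():
        print(f"{cipher}: {', '.join(issues)}")
```

The modern_ciphers entry of the report is the subset that remains once legacy clients no longer need to connect.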
This article comes from cnblogs (博客园), author: 小星奕的快乐. When reposting, please credit the original link: https://www.cnblogs.com/superzed/articles/17094923.html
