Logs for used cipher suites

Hello,

We are using istio ingress gateway with AKS and would like to know how could I get logs for which ciphers are being used by clients. I want logs on server side. Security tests have detected some weak ciphers and want to see if they are being used. Below is list of weak ciphers:

  • TLS_RSA_WITH_AES_128_CBC_SHA (0x002F)
  • TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013)
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)

Thank you in advance.
-Nilay

I am also looking for the answer of this question…we are facing same…

It looks like Envoy (the proxy underlying istio) supports logging this information: Access logging — envoy 1.25.0-dev-92d3e7 documentation

In particular, see %DOWNSTREAM_TLS_CIPHER% and co. Istio documents configuring the log format here: Istio / Envoy Access Logs

You could enable this, make sure your log format is json, and then just scrape the logs as they come in, thereby building a list of unique, used ciphers over a time period.

Now, I see that istio doesn’t document this option. That could either be because the docs are out of date, or that it was newly added to envoy. I’m not sure offhand, but if you dig further I’m sure you can find out.
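One way to do the scraping step described above, as an added example that is not from this thread or from Istio: a Python script that tallies the cipher field from JSON access-log lines and flags the four suites listed in the question. It assumes the access-log format maps %DOWNSTREAM_TLS_CIPHER% to a key named `cipher` (that key name and the sample lines are constructed) and that Envoy reports OpenSSL-style suite names, which is what BoringSSL's cipher name lookup returns.

```python
import json
from collections import Counter

# The weak suites from the question, keyed by the OpenSSL-style name that
# %DOWNSTREAM_TLS_CIPHER% emits, mapped to the IANA name and code point.
WEAK_CIPHERS = {
    "AES128-SHA": "TLS_RSA_WITH_AES_128_CBC_SHA (0x002F)",
    "AES256-SHA": "TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)",
    "ECDHE-RSA-AES128-SHA": "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xC013)",
    "ECDHE-RSA-AES256-SHA": "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xC014)",
}

# Constructed sample of one-JSON-object-per-line access logs, as written by a
# format like {"cipher":"%DOWNSTREAM_TLS_CIPHER%","tls":"%DOWNSTREAM_TLS_VERSION%",...}.
SAMPLE_LOG = """\
{"cipher":"ECDHE-RSA-AES128-GCM-SHA256","tls":"TLSv1.2","authority":"app.example.com","user_agent":"curl/8.0"}
{"cipher":"AES128-SHA","tls":"TLSv1.2","authority":"app.example.com","user_agent":"Java/1.7.0"}
{"cipher":"TLS_AES_256_GCM_SHA384","tls":"TLSv1.3","authority":"app.example.com","user_agent":"Mozilla/5.0"}
{"cipher":"-","tls":"-","authority":"app.example.com","user_agent":"kube-probe/1.25"}
not json at all
{"cipher":"ECDHE-RSA-AES256-SHA","tls":"TLSv1.2","authority":"api.example.com","user_agent":"Java/1.7.0"}
"""

def tally_ciphers(lines, field="cipher"):
    """Count cipher suites seen, skipping plaintext ("-") and non-JSON lines."""
    counts = Counter()
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # stray stderr output or truncated line; not an access-log entry
        cipher = entry.get(field)
        if cipher and cipher != "-":  # Envoy writes "-" when the connection was not TLS
            counts[cipher] += 1
    return counts

def weak_in_use(counts):
    """Return {iana_name: count} for the weak suites that actually appeared."""
    return {WEAK_CIPHERS[c]: n for c, n in counts.items() if c in WEAK_CIPHERS}

if __name__ == "__main__":
    counts = tally_ciphers(SAMPLE_LOG.splitlines())
    for cipher, n in counts.most_common():
        print(f"{n:6d}  {cipher}")
    for name, n in weak_in_use(counts).items():
        print(f"WEAK  {name}: {n} connection(s)")
```

Run it against the gateway's stdout (for example the output of `kubectl logs` on the ingress gateway pod) instead of SAMPLE_LOG to get the real tally; the user_agent field in the same line tells you which clients still negotiate the weak suites.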