About MAAS Native TLS

MAAS version 3.2 has built-in TLS support for communicating with the UI and API over HTTPS. This eliminates the need to deploy a separate TLS-terminating reverse-proxy solution in front of MAAS to provide secure access to API and UI.

TLS versions 1.2 and 1.3 are supported by MAAS. For TLSv1.2, the following ciphers are accepted:

  • AES256+EECDH
  • AES256+EDH

You will need to obtain your own certificates via some provider, e.g., small step.

About certificate auto-renewal

At the moment we don’t support automatic certificate renewal, because it depends on the PKI used at the organisation level. We do provide some examples of how to set this up, as long as you understand that these are just gratuitous helps, not supported configurations.

To obtain MAAS native TLS, upgrade to MAAS v3.2 or higher.

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.